Entra ID, previously known as Azure AD, is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID, Microsoft communicated the following planned, new and changed functionality for Entra ID for July 2024:
What's Planned
New SAML applications can't receive tokens through OAuth2/OIDC protocols Generally Available
Service category: Enterprise Apps
Product capability: Developer Experience
Starting late September 2024, applications indicated as 'SAML' applications (via the 'preferredSingleSignOnMode' property of the service principal) can't be issued JWT tokens. This means they can't be the resource application in OIDC, OAuth2.0, or other protocols using JWTs. This change will only affect SAML applications attempting to take a new dependency on JWT-based protocols; existing SAML applications already using these flows won't be affected. This will improve the security of apps.
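One way to inventory which applications this change touches, as an added example (not Microsoft's code and not part of the release notes): it classifies service principals from an exported Microsoft Graph listing by their 'preferredSingleSignOnMode' value. The sample records are constructed, and treating an existing delegated permission grant as evidence of an existing JWT dependency is an assumption of this sketch.

```python
import json

# Constructed sample data shaped like Microsoft Graph /servicePrincipals and
# /oauth2PermissionGrants listings; all ids and names are made up.
SERVICE_PRINCIPALS = json.loads("""[
  {"id": "sp-1", "displayName": "HR Portal (constructed)",
   "preferredSingleSignOnMode": "saml", "oauth2PermissionScopes": []},
  {"id": "sp-2", "displayName": "Legacy Claims API (constructed)",
   "preferredSingleSignOnMode": "saml",
   "oauth2PermissionScopes": [{"value": "user_impersonation"}]},
  {"id": "sp-3", "displayName": "Line-of-business API (constructed)",
   "preferredSingleSignOnMode": null,
   "oauth2PermissionScopes": [{"value": "Data.Read"}]},
  {"id": "sp-4", "displayName": "Wiki (constructed)",
   "preferredSingleSignOnMode": "saml",
   "oauth2PermissionScopes": [{"value": "user_impersonation"}]}
]""")
GRANTS = json.loads("""[
  {"clientId": "sp-9", "resourceId": "sp-2", "scope": "user_impersonation"},
  {"clientId": "sp-9", "resourceId": "sp-3", "scope": "Data.Read"}
]""")


def classify_saml_apps(service_principals, grants):
    """Return {service principal id: status} for apps flagged as SAML.

    Assumption (heuristic, not Microsoft's definition): a delegated permission
    grant naming the service principal as resourceId counts as evidence that
    it already acts as a resource application in JWT-based flows.
    """
    granted_resources = {g["resourceId"] for g in grants}
    report = {}
    for sp in service_principals:
        mode = (sp.get("preferredSingleSignOnMode") or "").lower()
        if mode != "saml":
            continue  # not flagged as SAML, so outside the scope of the change
        if sp["id"] in granted_resources:
            report[sp["id"]] = "saml-with-existing-oauth2-grants"
        elif sp.get("oauth2PermissionScopes"):
            report[sp["id"]] = "saml-exposes-scopes-no-grants"
        else:
            report[sp["id"]] = "saml-only"
    return report


if __name__ == "__main__":
    names = {sp["id"]: sp["displayName"] for sp in SERVICE_PRINCIPALS}
    for sp_id, status in classify_saml_apps(SERVICE_PRINCIPALS, GRANTS).items():
        print(f"{names[sp_id]:36} {status}")
```

Apps in the "saml-exposes-scopes-no-grants" group are the ones to review with their owners before late September 2024, in case a JWT-based integration is planned but not yet in place.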
What's New
Active Directory Federation Services (AD FS) Application Migration Wizard Generally Available
Service category: AD FS Application Migration
Product capability: Platform
The Active Directory Federation Services (AD FS) application migration wizard allows admins to quickly identify which AD FS relying party applications are compatible with being migrated to Microsoft Entra ID. The tool shows the migration readiness of each application, highlights issues and the suggested actions to remediate them, and guides the admin through preparing an individual application for migration and configuring the new Microsoft Entra application.
Insider Risk condition in Conditional Access Generally Available
Service category: Conditional Access
Product capability: Identity Security & Protection
The Insider Risk condition in Conditional Access is a new feature that leverages signals from Microsoft Purview's Adaptive Protection capability to enhance the detection and automatic mitigation of insider threats. This integration allows organizations to manage and respond to potential insider risks more effectively by using advanced analytics and real-time data.
This is a premium feature and requires an Entra P2 license.
Adversary in the Middle detection alert Generally Available
Service category: Identity Protection
Product capability: Identity Security & Protection
The Adversary in the Middle (AitM) detection in Identity Protection will be triggered on a user account that has been compromised by an adversary that has intercepted the user's credentials, including tokens that were issued to the user. The risk is identified through Microsoft 365 Defender and will flag the user with High risk to trigger the configured Conditional Access policy.
New Federated Apps available in Microsoft Entra Application gallery Generally Available
Service category: Enterprise Apps
Product capability: 3rd Party Integration
In July 2024, Microsoft added the following new applications in the Entra Application Gallery with Federation support:
What's Changed
Easy authentication with Azure App Service and Microsoft Entra External ID Generally Available
Service category: B2C – Consumer Identity Management
Product capability: B2B/B2C
This feature offers an improved experience when using Microsoft Entra External ID as an identity provider for Azure App Service’s built-in authentication, simplifying the process of configuring authentication and authorization for external-facing apps. Admins can complete initial configuration directly from the App Service authentication setup without switching into the external tenant.