You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/fundamentals/whats-new.md
+115-1Lines changed: 115 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,6 +32,120 @@ Azure AD receives improvements on an ongoing basis. To stay up to date with the
32
32
This page updates monthly, so revisit it regularly. If you're looking for items older than six months, you can find them in [Archive for What's new in Azure Active Directory](whats-new-archive.md).
33
33
34
34
35
+
## September 2023
36
+
37
+
### Public Preview - Managing and Changing Passwords in My Security Info
38
+
39
+
**Type:** New feature
40
+
**Service category:** My Profile/Account
41
+
**Product capability:** End User Experiences
42
+
43
+
The My Security Info management portal ([My Sign-Ins | Security Info | Microsoft.com](https://mysignins.microsoft.com/security-info)) will now support an improved end user experience of managing passwords. Users are able to change their password, and users capable of multifactor authentication (MFA) are able to update their passwords without providing their current password.
44
+
45
+
---
46
+
47
+
### Public Preview - Device-bound passkeys as an authentication method
48
+
49
+
**Type:** Changed feature
50
+
**Service category:** Authentications (Logins)
51
+
**Product capability:** User Authentication
52
+
53
+
Beginning January 2024, Microsoft Entra ID will support [device-bound passkeys](https://passkeys.dev/docs/reference/terms/#device-bound-passkey) stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users to perform phishing-resistant authentication using the devices that they already have.
54
+
55
+
56
+
We'll expand the existing FIDO2 authentication methods policy and end user registration experience to support this preview release. If your organization requires or prefers FIDO2 authentication using physical security keys only, then please enforce key restrictions to only allow security key models that you accept in your FIDO2 policy. Otherwise, the new preview capabilities enable your users to register for device-bound passkeys stored on Windows, macOS, iOS, and Android. Learn more about FIDO2 key restrictions [here](../authentication/howto-authentication-passwordless-security-key.md).
57
+
58
+
---
59
+
60
+
### General Availability - Authenticator on Android is FIPS 140 compliant
61
+
62
+
**Type:** New feature
63
+
**Service category:** Microsoft Authenticator App
64
+
**Product capability:** User Authentication
65
+
66
+
Authenticator version and higher on Android version will be FIPS 140 compliant for all Azure AD authentications using push multi-factor authentications (MFA), Passwordless Phone Sign-In (PSI), and time-based one-time passcodes (TOTP). No changes in configuration are required in the Authenticator app or Azure portal to enable this capability. For more information, see: [Authentication methods in Microsoft Entra ID - Microsoft Authenticator app](../authentication/concept-authentication-authenticator-app.md).
67
+
68
+
---
69
+
70
+
### General Availability - Recovery of deleted application and service principals is now available
With this release, you can now recover applications along with their original service principals, eliminating the need for extensive reconfiguration and code changes ([Learn more](../manage-apps/delete-recover-faq.yml)). It significantly improves the application recovery story and addresses a long-standing customer need. This change is beneficial to you on:
77
+
78
+
-**Faster Recovery**: You can now recover their systems in a fraction of the time it used to take, reducing downtime and minimizing disruptions.
79
+
-**Cost Savings**: With quicker recovery, you can save on operational costs associated with extended outages and labor-intensive recovery efforts.
80
+
-**Preserved Data**: Previously lost data, such as SMAL configurations, is now retained, ensuring a smoother transition back to normal operations.
81
+
-**Improved User Experience**: Faster recovery times translate to improved user experience and customer satisfaction, as applications are back up and running swiftly.
82
+
83
+
---
84
+
85
+
### Public Preview - New provisioning connectors in the Azure AD Application Gallery - September 2023
86
+
87
+
**Type:** New feature
88
+
**Service category:** App Provisioning
89
+
**Product capability:** 3rd Party Integration
90
+
91
+
92
+
We've added the following new applications in our App gallery with Provisioning support. You can now automate creating, updating, and deleting of user accounts for these newly integrated apps:
For more information about how to better secure your organization by using automated user account provisioning, see: [Automate user provisioning to SaaS applications with Azure AD](../app-provisioning/user-provisioning.md).
100
+
101
+
---
102
+
103
+
### General Availability - Web Sign-In for Windows
104
+
105
+
**Type:** Changed feature
106
+
**Service category:** Authentications (Logins)
107
+
**Product capability:** User Authentication
108
+
109
+
We're thrilled to announce that as part of the Windows 11 September moment, we're releasing a new Web Sign-In experience that will expand the number of supported scenarios and greatly improve security, reliability, performance, and overall end-to-end experience for our users.
110
+
111
+
Web Sign-In (WSI) is a credential provider on the Windows lock/sign-in screen for AADJ joined devices that provide a web experience used for authentication and returns an auth token back to the operating system to allow the user to unlock/sign-in to the machine.
112
+
113
+
Web Sign-In was initially intended to be used for a wide range of auth credential scenarios; however, it was only previously released for limited scenarios such as: [Simplified EDU Web Sign-In](/education/windows/federated-sign-in?tabs=intune) and recovery flows via [Temporary Access Password (TAP)](../authentication/howto-authentication-temporary-access-pass.md).
114
+
115
+
The underlying provider for Web Sign-In has been re-written from the ground up with security and improved performance in mind. This release moves the Web Sign-in infrastructure from the Cloud Host Experience (CHX) WebApp to a newly written Login Web Host (LWH) for the September moment. This release provides better security and reliability to support previous EDU & TAP experiences and new workflows enabling using various Auth Methods to unlock/login to the desktop.
116
+
117
+
---
118
+
119
+
### General Availability - Support for Microsoft admin portals in Conditional Access
When a Conditional Access policy targets the Microsoft Admin Portals cloud app, the policy is enforced for tokens issued to application IDs of the following Microsoft administrative portals:
126
+
127
+
- Azure portal
128
+
- Exchange admin center
129
+
- Microsoft 365 admin center
130
+
- Microsoft 365 Defender portal
131
+
- Microsoft Entra admin center
132
+
- Microsoft Intune admin center
133
+
- Microsoft Purview compliance portal
134
+
135
+
For more information, see: [Microsoft Admin Portals (preview)](../conditional-access/concept-conditional-access-cloud-apps.md#microsoft-admin-portals-preview).
136
+
137
+
---
138
+
139
+
### Public Preview - Microsoft Graph Activity Logs
140
+
141
+
**Type:** New feature
142
+
**Service category:** Microsoft Graph
143
+
**Product capability:** Monitoring & Reporting
144
+
145
+
The *MicrosoftGraphActivityLogs* provide administrators full visibility into all HTTP requests accessing your tenant’s resources through the Microsoft Graph API. These logs can be used to find activity from compromised accounts, identify anomalous behavior, or investigate application activity. For more information, see: [Access Microsoft Graph activity logs (preview)](/graph/microsoft-graph-activity-logs-overview).
146
+
147
+
---
148
+
35
149
## August 2023
36
150
37
151
### General Availability - Tenant Restrictions V2
@@ -364,7 +478,7 @@ For more information, see: [Require an app protection policy on Windows devices
364
478
365
479
In July 2023 we've added the following 10 new applications in our App gallery with Federation support:
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments