You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We previously announced in April 2020, a new combined registration experience enabling users to register authentication methods for SSPR and multi-factor authentication at the same time was generally available for existing customer to opt in. Any Azure AD tenants created after August 2020 automatically have the default experience set to combined registration. Starting 2022, Microsoft will be enabling the MFA/SSPR combined registration experience for existing customers. [Learn more](../authentication/concept-registration-mfa-sspr-combined.md).
794
-
795
-
---
796
-
797
-
### Windows users will see prompts more often when switching user accounts
798
-
799
-
**Type:** Fixed
800
-
**Service category:** Authentications (Logins)
801
-
**Product capability:** User Authentication
802
-
803
-
A problematic interaction between Windows and a local Active Directory Federation Services (ADFS) instance can result in users attempting to sign into another account, but be silently signed into their existing account instead, with no warning. For federated IdPs such as ADFS, that support the [prompt=login](/windows-server/identity/ad-fs/operations/ad-fs-prompt-login) pattern, Azure AD will now trigger a fresh login at ADFS when a user is directed to ADFS with a login hint. This ensures that the user is signed into the account they requested, rather than being silently signed into the account they're already signed in with.
804
-
805
-
For more information, see the [change notice](../develop/reference-breaking-changes.md).
806
-
807
-
---
808
-
809
-
### Public preview - Conditional Access Overview Dashboard
810
-
811
-
**Type:** New feature
812
-
**Service category:** Conditional Access
813
-
**Product capability:** Monitoring & Reporting
814
-
815
-
The new Conditional Access overview dashboard enables all tenants to see insights about the impact of their Conditional Access policies without requiring an Azure Monitor subscription. This built-in dashboard provides tutorials to deploy policies, a summary of the policies in your tenant, a snapshot of your policy coverage, and security recommendations. [Learn more](../conditional-access/overview.md).
816
-
817
-
---
818
-
819
-
### Public preview - SSPR writeback is now available for disconnected forests using Azure AD Connect cloud sync
The Public Preview feature for Azure AD Connect Cloud Sync Password writeback provides customers the capability to writeback a user’s password changes in the cloud to the on-premises directory in real time using the lightweight Azure AD cloud provisioning agent.[Learn more](../authentication/tutorial-enable-cloud-sync-sspr-writeback.md).
826
-
827
-
---
828
-
829
-
### Public preview - Conditional Access for workload identities
830
-
831
-
**Type:** New feature
832
-
**Service category:** Conditional Access for workload identities
Previously, Conditional Access policies applied only to users when they access apps and services like SharePoint online or the Azure portal. This preview adds support for Conditional Access policies applied to service principals owned by the organization. You can block service principals from accessing resources from outside trusted-named locations or Azure Virtual Networks. [Learn more](../conditional-access/workload-identity.md).
836
-
837
-
---
838
-
839
-
### Public preview - Extra attributes available as claims
840
-
841
-
**Type:** Changed feature
842
-
**Service category:** Enterprise Apps
843
-
**Product capability:** SSO
844
-
845
-
Several user attributes have been added to the list of attributes available to map to claims to bring attributes available in claims more in line with what is available on the user object in Microsoft Graph. New attributes include mobilePhone and ProxyAddresses. [Learn more](../develop/reference-claims-mapping-policy-type.md#table-3-valid-id-values-per-source).
846
-
847
-
---
848
-
849
-
### Public preview - "Session Lifetime Policies Applied" property in the sign-in logs
We have recently added other property to the sign-in logs called "Session Lifetime Policies Applied". This property will list all the session lifetime policies that applied to the sign-in for example, Sign-in frequency, Remember multi-factor authentication and Configurable token lifetime. [Learn more](../reports-monitoring/concept-sign-ins.md#authentication-details).
856
-
857
-
---
858
-
859
-
### Public preview - Enriched reviews on access packages in entitlement management
860
-
861
-
**Type:** New feature
862
-
**Service category:** User Access Management
863
-
**Product capability:** Entitlement Management
864
-
865
-
Entitlement Management’s enriched review experience allows even more flexibility on access packages reviews. Admins can now choose what happens to access if the reviewers don't respond, provide helper information to reviewers, or decide whether a justification is necessary. [Learn more](../governance/entitlement-management-access-reviews-create.md).
866
-
867
-
---
868
-
869
-
### General availability - randomString and redact provisioning functions
870
-
871
-
**Type:** New feature
872
-
**Service category:** Provisioning
873
-
**Product capability:** Outbound to SaaS Applications
874
-
875
-
876
-
The Azure AD Provisioning service now supports two new functions, randomString() and Redact():
877
-
- randomString - generate a string based on the length and characters you would like to include or exclude in your string.
878
-
- redact - remove the value of the attribute from the audit and provisioning logs. [Learn more](../app-provisioning/functions-for-customizing-application-data.md#randomstring).
879
-
880
-
---
881
-
882
-
### General availability - Now access review creators can select users and groups to receive notification on completion of reviews
883
-
884
-
**Type:** New feature
885
-
**Service category:** Access Reviews
886
-
**Product capability:** Identity Governance
887
-
888
-
Now access review creators can select users and groups to receive notification on completion of reviews. [Learn more](../governance/create-access-review.md).
889
-
890
-
---
891
-
892
-
### General availability - Azure AD users can now view and report suspicious sign-ins and manage their accounts within Microsoft Authenticator
This feature allows Azure AD users to manage their work or school accounts within the Microsoft Authenticator app. The management features will allow users to view sign-in history and sign-in activity. Users can also report any suspicious or unfamiliar activity, change their Azure AD account passwords, and update the account's security information.
899
-
900
-
For more information on how to use this feature visit [View and search your recent sign-in activity from the My Sign-ins page](../user-help/my-account-portal-sign-ins-page.md).
901
-
902
-
---
903
-
904
-
### General availability - New Microsoft Authenticator app icon
New updates have been made to the Microsoft Authenticator app icon. To learn more about these updates, see the [Microsoft Authenticator app](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/microsoft-authenticator-app-easier-ways-to-add-or-manage/ba-p/2464408) blog post.
911
-
912
-
---
913
-
914
-
### General availability - Azure AD single Sign-on and device-based Conditional Access support in Firefox on Windows 10/11
915
-
916
-
**Type:** New feature
917
-
**Service category:** Authentications (Logins)
918
-
**Product capability:** SSO
919
-
920
-
We now support native single sign-on (SSO) support and device-based Conditional Access to Firefox browser on Windows 10 and Windows Server 2019 starting in Firefox version 91. [Learn more](../conditional-access/require-managed-devices.md#prerequisites).
921
-
922
-
---
923
-
924
-
### New provisioning connectors in the Azure AD Application Gallery - November 2021
925
-
926
-
**Type:** New feature
927
-
**Service category:** App Provisioning
928
-
**Product capability:** 3rd Party Integration
929
-
930
-
You can now automate creating, updating, and deleting user accounts for these newly integrated apps:
For more information about how to better secure your organization by using automated user account provisioning, see [Automate user provisioning to SaaS applications with Azure AD](../manage-apps/user-provisioning.md).
952
-
953
-
---
954
-
955
-
### New Federated Apps available in Azure AD Application gallery - November 2021
956
-
957
-
**Type:** New feature
958
-
**Service category:** Enterprise Apps
959
-
**Product capability:** 3rd Party Integration
960
-
961
-
In November 2021, we have added following 32 new applications in our App gallery with Federation support:
You can also find the documentation of all the applications [here](../saas-apps/tutorial-list.md).
966
-
967
-
For listing your application in the Azure AD app gallery, read the details [here](../manage-apps/v2-howto-app-gallery-listing.md).
968
-
969
-
---
970
-
971
-
### Updated "switch organizations" user experience in My Account.
972
-
973
-
**Type:** Changed feature
974
-
**Service category:** My Profile/Account
975
-
**Product capability:** End User Experiences
976
-
977
-
Updated "switch organizations" user interface in My Account. This visually improves the UI and provides the end-user with clear instructions. Added a manage organizations link to blade per customer feedback. [Learn more](https://support.microsoft.com/account-billing/switch-organizations-in-your-work-or-school-account-portals-c54c32c9-2f62-4fad-8c23-2825ed49d146).
0 commit comments