You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We previously announced in April 2020, a new combined registration experience enabling users to register authentication methods for SSPR and multi-factor authentication at the same time was generally available for existing customer to opt in. Any Azure AD tenants created after August 2020 automatically have the default experience set to combined registration. Starting 2022, Microsoft will be enabling the MFA/SSPR combined registration experience for existing customers. [Learn more](../authentication/concept-registration-mfa-sspr-combined.md).
43
+
44
+
---
45
+
46
+
### Windows users will see prompts more often when switching user accounts
47
+
48
+
**Type:** Fixed
49
+
**Service category:** Authentications (Logins)
50
+
**Product capability:** User Authentication
51
+
52
+
A problematic interaction between Windows and a local Active Directory Federation Services (ADFS) instance can result in users attempting to sign into another account, but be silently signed into their existing account instead, with no warning. For federated IdPs such as ADFS, that support the [prompt=login](/windows-server/identity/ad-fs/operations/ad-fs-prompt-login) pattern, Azure AD will now trigger a fresh login at ADFS when a user is directed to ADFS with a login hint. This ensures that the user is signed into the account they requested, rather than being silently signed into the account they're already signed in with.
53
+
54
+
For more information, see the [change notice](../develop/reference-breaking-changes.md).
55
+
56
+
---
57
+
58
+
### Public preview - Conditional Access Overview Dashboard
59
+
60
+
**Type:** New feature
61
+
**Service category:** Conditional Access
62
+
**Product capability:** Monitoring & Reporting
63
+
64
+
The new Conditional Access overview dashboard enables all tenants to see insights about the impact of their Conditional Access policies without requiring an Azure Monitor subscription. This built-in dashboard provides tutorials to deploy policies, a summary of the policies in your tenant, a snapshot of your policy coverage, and security recommendations. [Learn more](../conditional-access/overview.md).
65
+
66
+
---
67
+
68
+
### Public preview - SSPR writeback is now available for disconnected forests using Azure AD Connect cloud sync
The Public Preview feature for Azure AD Connect Cloud Sync Password writeback provides customers the capability to writeback a user’s password changes in the cloud to the on-premises directory in real time using the lightweight Azure AD cloud provisioning agent.[Learn more](../authentication/tutorial-enable-cloud-sync-sspr-writeback.md).
75
+
76
+
---
77
+
78
+
### Public preview - Conditional Access for workload identities
79
+
80
+
**Type:** New feature
81
+
**Service category:** Conditional Access for workload identities
Previously, Conditional Access policies applied only to users when they access apps and services like SharePoint online or the Azure portal. This preview adds support for Conditional Access policies applied to service principals owned by the organization. You can block service principals from accessing resources from outside trusted-named locations or Azure Virtual Networks. [Learn more](../conditional-access/workload-identity.md).
85
+
86
+
---
87
+
88
+
### Public preview - Extra attributes available as claims
89
+
90
+
**Type:** Changed feature
91
+
**Service category:** Enterprise Apps
92
+
**Product capability:** SSO
93
+
94
+
Several user attributes have been added to the list of attributes available to map to claims to bring attributes available in claims more in line with what is available on the user object in Microsoft Graph. New attributes include mobilePhone and ProxyAddresses. [Learn more](../develop/reference-claims-mapping-policy-type.md#table-3-valid-id-values-per-source).
95
+
96
+
---
97
+
98
+
### Public preview - "Session Lifetime Policies Applied" property in the sign-in logs
We have recently added other property to the sign-in logs called "Session Lifetime Policies Applied". This property will list all the session lifetime policies that applied to the sign-in for example, Sign-in frequency, Remember multi-factor authentication and Configurable token lifetime. [Learn more](../reports-monitoring/concept-sign-ins.md#authentication-details).
105
+
106
+
---
107
+
108
+
### Public preview - Enriched reviews on access packages in entitlement management
109
+
110
+
**Type:** New feature
111
+
**Service category:** User Access Management
112
+
**Product capability:** Entitlement Management
113
+
114
+
Entitlement Management’s enriched review experience allows even more flexibility on access packages reviews. Admins can now choose what happens to access if the reviewers don't respond, provide helper information to reviewers, or decide whether a justification is necessary. [Learn more](../governance/entitlement-management-access-reviews-create.md).
115
+
116
+
---
117
+
118
+
### General availability - randomString and redact provisioning functions
119
+
120
+
**Type:** New feature
121
+
**Service category:** Provisioning
122
+
**Product capability:** Outbound to SaaS Applications
123
+
124
+
125
+
The Azure AD Provisioning service now supports two new functions, randomString() and Redact():
126
+
- randomString - generate a string based on the length and characters you would like to include or exclude in your string.
127
+
- redact - remove the value of the attribute from the audit and provisioning logs. [Learn more](../app-provisioning/functions-for-customizing-application-data.md#randomstring).
128
+
129
+
---
130
+
131
+
### General availability - Now access review creators can select users and groups to receive notification on completion of reviews
132
+
133
+
**Type:** New feature
134
+
**Service category:** Access Reviews
135
+
**Product capability:** Identity Governance
136
+
137
+
Now access review creators can select users and groups to receive notification on completion of reviews. [Learn more](../governance/create-access-review.md).
138
+
139
+
---
140
+
141
+
### General availability - Azure AD users can now view and report suspicious sign-ins and manage their accounts within Microsoft Authenticator
This feature allows Azure AD users to manage their work or school accounts within the Microsoft Authenticator app. The management features will allow users to view sign-in history and sign-in activity. Users can also report any suspicious or unfamiliar activity, change their Azure AD account passwords, and update the account's security information.
148
+
149
+
For more information on how to use this feature visit [View and search your recent sign-in activity from the My Sign-ins page](../user-help/my-account-portal-sign-ins-page.md).
150
+
151
+
---
152
+
153
+
### General availability - New Microsoft Authenticator app icon
New updates have been made to the Microsoft Authenticator app icon. To learn more about these updates, see the [Microsoft Authenticator app](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/microsoft-authenticator-app-easier-ways-to-add-or-manage/ba-p/2464408) blog post.
160
+
161
+
---
162
+
163
+
### General availability - Azure AD single Sign-on and device-based Conditional Access support in Firefox on Windows 10/11
164
+
165
+
**Type:** New feature
166
+
**Service category:** Authentications (Logins)
167
+
**Product capability:** SSO
168
+
169
+
We now support native single sign-on (SSO) support and device-based Conditional Access to Firefox browser on Windows 10 and Windows Server 2019 starting in Firefox version 91. [Learn more](../conditional-access/require-managed-devices.md#prerequisites).
170
+
171
+
---
172
+
173
+
### New provisioning connectors in the Azure AD Application Gallery - November 2021
174
+
175
+
**Type:** New feature
176
+
**Service category:** App Provisioning
177
+
**Product capability:** 3rd Party Integration
178
+
179
+
You can now automate creating, updating, and deleting user accounts for these newly integrated apps:
For more information about how to better secure your organization by using automated user account provisioning, see [Automate user provisioning to SaaS applications with Azure AD](../manage-apps/user-provisioning.md).
201
+
202
+
---
203
+
204
+
### New Federated Apps available in Azure AD Application gallery - November 2021
205
+
206
+
**Type:** New feature
207
+
**Service category:** Enterprise Apps
208
+
**Product capability:** 3rd Party Integration
209
+
210
+
In November 2021, we have added following 32 new applications in our App gallery with Federation support:
You can also find the documentation of all the applications [here](../saas-apps/tutorial-list.md).
215
+
216
+
For listing your application in the Azure AD app gallery, read the details [here](../manage-apps/v2-howto-app-gallery-listing.md).
217
+
218
+
---
219
+
220
+
### Updated "switch organizations" user experience in My Account.
221
+
222
+
**Type:** Changed feature
223
+
**Service category:** My Profile/Account
224
+
**Product capability:** End User Experiences
225
+
226
+
Updated "switch organizations" user interface in My Account. This visually improves the UI and provides the end-user with clear instructions. Added a manage organizations link to blade per customer feedback. [Learn more](https://support.microsoft.com/account-billing/switch-organizations-in-your-work-or-school-account-portals-c54c32c9-2f62-4fad-8c23-2825ed49d146).
227
+
228
+
---
229
+
34
230
## October 2021
35
231
36
232
### Limits on the number of configured API permissions for an application registration will be enforced starting in October 2021
0 commit comments