Welcome to our rundown of the latest updates in Microsoft Entra for December 2023. We’ve rolled out a range of enhancements, from new single sign-on (SSO) capabilities to more refined identity governance tools—useful for any software developer navigating the ever-evolving world of identity and access management. These updates can significantly streamline your workflow and security processes. You’ll find key information about these developments as well as links to further guidance, helping you integrate these updates effectively into your projects. Let’s dive in.

Generally Available (GA) feature release updates

• Single sign-on and passwordless authentication for Azure Virtual Desktop and Windows 365: Elevating both security and user experience, the new single sign-on (SSO) and passwordless authentication for Azure Virtual Desktop and Windows 365 are now generally available. Embrace a world where phish-resistant credentials are the norm, satisfying Executive Order requirements in the United States.

• Custom security attributes: Tailor access control with business-specific attributes for Microsoft Entra objects. These key-value pairs can be used for things like extending user profiles to add a salary attribute to all employees.
  However, they are not just about storing information; they’re powerful tools for categorizing objects and enforcing precise access control over Azure resources, based on the attributes.

• Azure ABAC conditions: Gain more control over Azure Blob Storage with access authorization based on blob index tags and custom security attributes assigned to users or applications.

• Rich notifications in Microsoft Graph: Stay updated seamlessly. Subscribe to changes in your data and receive rich, encrypted notifications via webhooks and other methods, enhancing both security and convenience.

New public previews

• Last successful sign-in date tracking: Keep track of user activity more effectively with the new signInActivity API feature that shows the last successful sign-in time.
  Note: Data will not be backfilled for this property, so you should expect to be returned only successful sign-in data starting 8 Dec.

• Microsoft Security Service Edge – client support for Windows: For both Microsoft Entra Internet Access and Microsoft Entra Private Access, we now add a client supporting Windows.

• Microsoft Security Service Edge – increased points of presence coverage: Microsoft Security Service Edge is now available globally (except in China and Russia) with more points of presence added in the future.

Workshop on-demand recordings

• Microsoft identity platform: Explore modern authentication and authorization foundations and adding authentication to an app and learn about token customization and best practices for protecting an API.

• Identity workshop: Explore what the Microsoft identity platform provides for developers, principles of modern authentication, and migrating apps from ADAL to Microsoft authentication library (MSAL).

News, updates, and resources

• New applications that support user provisioning and SSO were added to the Microsoft Entra ID app gallery in Oct 2023.

• Find out how to identify inactive users by using the Microsoft Entra ID Governance Access Reviews.

• If you are planning to deploy API-driven inbound provisioning, review the updated licensing requirements.

• Learn how Azure Confidential Computing helps enforce zero-trust principals down to a hardware level and the other use cases it enables.

Identity blog

• Gain insights into how you can enforce security best practices such as not allowing self-signed certificates in your applications by ⁠implementing Trusted Certificate Authorities with app management policies.

• Understand the importance of smooth and brand-aligned login processes with Native Authentication and the impact it has on customer satisfaction and loyalty. We invite you to take an early look at work we’re doing to help you make your mobile app login journeys more user-friendly and in line with your brand’s identity.

• Read about why SPA developers should leverage the auth code flow with PKCE for improved resiliency, security, and UX when third-party cookies are blocked by a browser.

Videos

• Check out recent videos from the Microsoft Security YouTube channel and The 425 Show.

  • Microsoft Entra External ID CIAM Series

  • Getting Started With Microsoft Entra Verified ID

Stay connected and informed

This blog post aims to keep you informed and engaged with the latest Microsoft Entra developments, helping you harness these new features and capabilities in your identity development journey.

To learn more or test out features in the Microsoft Entra suite of products, visit our developer center. Make sure you subscribe to the Identity blog for more insights and to keep up with the latest on all things Identity. And, follow us on YouTube for video overviews, tutorials, and deep dives.