July 2024: A look at the latest Microsoft Entra key feature releases, announcements, and updates

Adam Matthews

Welcome to the July edition of our monthly developer update, summarizing the latest news and developments in Microsoft Entra. This month, we bring you several enhancements that can streamline your workflow and bolster your security processes. From new public previews to key updates and announcements, we’ve got a lot to cover.

We highlight new public previews, including the Microsoft Entra PowerShell module and an improved authentication experience with Azure App Service. Additionally, we provide key updates on managing user status for multifactor authentication through Microsoft Graph API, enhancements to the Microsoft Authenticator app UX, and upcoming security improvements for Apple devices with Microsoft Entra ID.

Read on to learn about all the latest features and updates that can help you make the most of Microsoft Entra.

New public previews

• Microsoft Entra PowerShell module: This new module is built on top of Microsoft Graph PowerShell. During the initial phase, it provides cmdlet parity with Azure AD PowerShell and MSOL, with more Microsoft Entra product family cmdlets to come. The module is open source, allowing anyone to contribute and build their scenarios and examples.

• Microsoft Entra External ID – easy authentication with Azure App Service: We’ve enhanced the experience of using Microsoft Entra External ID as an identity provider for Azure App Service’s built-in authentication, simplifying the process of configuring authentication and authorization for external-facing apps. You can complete the initial configuration directly from the App Service authentication setup without switching into the external tenant. Since our previous blog post, we’ve also added the ability to create a new external tenant, so your setup won’t be blocked if you don’t already have one.

• Admin access to ADAL application auth data using Sign-Ins Workbooks: Microsoft Entra strongly recommends moving from ADAL to MSAL to improve the resilience and security posture of your applications. The Sign-ins Workbook in the Microsoft Entra admin center provides a centralized overview of apps using ADAL within your tenant. It consolidates logs from various types of sign-in events, including interactive, non-interactive, and service principal sign-ins across your tenant, enabling you to effectively assess, validate, and transition all applications using ADAL.

News, updates, and resources

• Starting June 2024, you can manage user status (Enforced, Enabled, Disabled) for per-user multifactor authentication through Microsoft Graph API. This replaces the legacy Microsoft Online PowerShell module.

  • Please be aware that the recommended approach to protect users with Microsoft Entra multifactor authentication is Conditional Access (for licensed organizations) and security defaults (for Microsoft Entra ID Free organizations). The public documentation will be updated once we release the new experience.

• Enhancements for the Microsoft Authenticator app UX roll out in July. Key actions will be categorized for better readability: credentials configured in the app, additional sign-in methods, and account management options.

• Starting in July 2024 and completing rollout by end of August, we will roll out enhancements within the device code flow to ensure a more secure and precise user experience. We adjusted headers, calls to action, and added details like location and app name to enhance security and prevent unauthorized access.

• In August 2024, we will release a private preview for QR code sign-in. This feature will be visible on mobile devices for users in participating tenants, with broader testing in public preview to be announced later.

• To enhance security for Apple devices, Microsoft Entra ID will support the binding of device identity keys to Apple’s Secure Enclave hardware, which will replace previous keychain-based mechanisms. Starting in June 2026, all new Microsoft Entra ID registrations will be bound to the Secure Enclave. As a result, all customers will need to adopt the Microsoft Enterprise SSO plug-in and some of the apps may need to make code changes to adopt the new Secure Enclave based device identity. Before Microsoft Entra enables Secure Enclave by default for all new registrations, we encourage tenants to perform early testing. This will help to identify any compatibility issues, where you may need to request code changes from app or MDM vendors.

• We’re sharing an update on the announcement that Microsoft will require multi-factor authentication (MFA) for users signing into Azure. In this post, we share clarifications on the scope, timing, and implementation details, along with guidance for preparation.

• Learn what’s new in Microsoft Entra, such as the latest release notes, known issues, bug fixes, deprecation functionality, and upcoming changes. You can find releases specific for Sovereign Clouds on a dedicated release notes page.

Identity blog

• ICYMI: An overview of the latest updates in Microsoft Entra for Jun 2024. Discover how these new capabilities can be integrated into your projects for optimal performance and security.

• Celebrating the first billion downloads of the Microsoft Authentication Library for .NET.

• This blog post highlights the need for better identity verification methods to prevent fraud and impersonation. Microsoft Entra Verified ID’s Face Check, showcased at Microsoft Build 2024, enhances security by comparing live selfies with trusted photos, effectively preventing unauthorized access and detecting spoofing techniques.

• Discover an exciting new plugin in the Chat Copilot sample app from the Semantic Kernel team. This plugin lets an AI Agent call Microsoft Graph APIs secured by Microsoft Entra ID using the On-Behalf-Of (OBO) flow.

• This blog post, the second in a three-part series, explores how to build a web application with decoupled authentication and authorization using Microsoft Entra External ID and Cerbos. The focus is on practical implementation, demonstrating how to integrate these tools to secure your web application.

Videos

• New videos in the Microsoft Security YouTube Channel:
  • How to Deploy Risk-Based Policies with Microsoft Entra ID
  • Get started with OAuth 2.0 On-Behalf-Of flow
  • Configure Microsoft Certificate Based Authentication
  • Configure User Experience in Microsoft Entra Certificate Based Authentication
  • Windows Hello for Business and Cloud Kerberos Trust Provisioning

Stay connected and informed 

This blog post aims to keep you informed and engaged with the latest Microsoft Entra developments, helping you harness these new features and capabilities in your identity development journey.

To learn more or test out features in the Microsoft Entra portfolio, visit our new developer center. Make sure you subscribe to the Identity developer blog for more insights and to keep up with the latest on all things Identity. And, follow us on YouTube for video overviews, tutorials, and deep dives. 

Stay tuned for more updates and developments in the world of Microsoft Entra!

Adam Matthews | Content Writer

Follow