Welcome to the May edition of our monthly developer update, summarizing the latest news and developments in the ever-evolving world of Microsoft Entra.

We’ve recently rolled out several enhancements that will streamline your development workflow, including custom authentication extensions, which have moved to General Availability. Additionally, native authentication for Microsoft Entra External ID, passkeys in the Microsoft Authenticator app, and an improved configuration experience when using Microsoft Entra External ID with Azure App Service’s built-in authentication are available in public preview.

You’ll find key information about these developments in this blog post as well as links to further guidance, helping you integrate these updates into your applications.

What went Generally Available (GA) since April 2024?

• Custom authentication extensions: This feature allows you to customize the Microsoft Entra authentication experience by integrating with external systems. A custom claims provider is a type of custom authentication extension that calls a REST API to fetch claims from external systems. Claims are mapped from external systems into tokens and can be assigned to one or many applications in your directory.

New public previews

• Native authentication for Microsoft Entra External ID: Using native authentication APIs or the MSAL SDK for Android and iOS, you can now create seamless authentication experiences for your customer-facing mobile applications without delegating to a browser. The login interface is hosted on the client application, and the application’s look and feel is controlled in app code—enabling you to create authentication screens that blend seamlessly with their app interface.

• An improved configuration experience when using Microsoft Entra External ID with Azure App Service’s built-in authentication: Azure App Service provides built-in authentication and authorization capabilities, so you can sign in users and access data by writing minimal or no code in your web app, RESTful API, and mobile back end, and also Azure Functions.

• Passkeys in Microsoft Authenticator app: Users can now create device-bound passkeys in the Microsoft Authenticator app to access Microsoft Entra ID resources. Passkeys in the app provide cost-effective, scalable, standards-based phishing-resistant authentication from a user’s mobile device while simultaneously providing for a seamless user experience.

• FIDO2 authentication in Android web browsers: Users can now sign in with a FIDO2 security key in Chrome and Edge on Android. This change is applicable to all users who are in scope for the FIDO2 authentication method. FIDO2 registration in Android web browsers is not available yet.

News, updates, and resources

• The Xamarin and UWP versions of MSAL.NET are being deprecated, starting with MSAL.NET 4.61.0.
• The registration campaign prompt is now visible on embedded browser views in certain applications. We don’t nudge users in out-of-the-box experiences or in browser views embedded in Windows settings.
• New applications added to the Microsoft Entra ID app gallery in April 2024 supporting user provisioning.
• Check out the details on the newly added Microsoft Entra identity skills to Microsoft Copilot for Security.
• Learn more about how to integrate Oracle HCM with Microsoft Entra ID using the Inbound Provisioning API.
• Configure Microsoft cloud services for the DoD Zero Trust Strategy: This guidance aligns 45 Zero Trust capabilities with prescriptive guidance for completing 152 Zero Trust activities with Microsoft cloud services. It provides activity-level guidance based on activity descriptions and outcomes in the context of the activity parent capability.
• Learn what’s new in Microsoft Entra, such as the latest release notes, known issues, bug fixes, deprecation functionality, and upcoming changes. You can find releases specific for Sovereign Clouds on a dedicated release notes page.

Identity blog

• ICYMI: An overview of the latest updates in Microsoft Entra for April 2024. Discover how these new capabilities can be integrated into your projects for optimal performance and security.
• Announcing the deprecation of the Xamarin and UWP versions of MSAL.NET starting with MSAL.NET 4.61.0.
• Announcing the public preview of an improved configuration experience when using Microsoft Entra External ID with Azure App Service, simplifying authentication and authorization for external-facing apps so you can focus on your application’s core features.
• Building on the foundations laid out in an earlier blog post on IAM basics, this blog post dives into the world of application types and authentication flows.

Stay connected and informed

This blog post aims to keep you informed and engaged with the latest Microsoft Entra developments, helping you harness these new features and capabilities in your identity development journey.

To learn more or test out features in the Microsoft Entra suite of products, visit our developer center. Make sure you subscribe to the Identity blog for more insights and to keep up with the latest on all things Identity. And, follow us on YouTube for video overviews, tutorials, and deep dives.