Microsoft has unveiled forthcoming enhancements to its Entra cross-tenant access settings, a feature designed to bolster organizational collaborations. The improvements are set to be introduced in the third quarter of this year.
They are expected to provide organizations with more flexibility and control over their collaborations, addressing previous limitations and improving user experiences.
Custom Roles and Protected Actions
According to the official announcement by Microsoft, users can now create custom roles to manage cross-tenant access settings. Previously, only Global or Security admins could fully manage these settings. The new feature allows for the creation of roles like cross-tenant access administrator, partner administrator, and cross-tenant access reader. This ensures that rights are delegated appropriately without granting excessive permissions.
No More Partner Limits
Microsoft has addressed the previous limitation on the number of partners enabled via cross-tenant access settings. They've introduced a new model where each partner has its own policy. This change means organizations can “add as many partners as required,” as stated in the official announcement.
Improved Invitation Process
In the past, organizations could send B2B invitations even to users who were blocked in cross-tenant access settings. This often led to confusion when such users tried to redeem the invite but were blocked. Microsoft has refined this process. Now, B2B invitations respect cross-tenant access settings, ensuring that blocked users won't receive invitations.
Recent Entra ID API Provisioning
At the end of August, Microsoft unveiled API-driven provisioning support for Microsoft Entra ID, previously known as Azure Active Directory. With this new feature, businesses can easily connect their different sources of HR data, such as HR apps, payroll apps, SQL tables, and spreadsheets, with Azure AD provisioning. This feature helps businesses keep their HR data in sync with Microsoft Entra ID, which is a service that helps them protect their data and follow the rules.
Azure Active Directory (Azure AD) is now called Microsoft Entra ID. It's not just a new name, but a big upgrade that adds new things and makes it better. For example, Microsoft Entra ID will let organizations use federated identities, which means they can easily work with other organizations and cloud services.
This is part of Microsoft's plan to change the name of its identity and access management (IAM) products to Microsoft Entra. This will make it easier for customers to choose the right products and make the products simpler. It will also help customers use their identities with different Microsoft products and services with one IAM solution.