π£ New blog article β¬οΈ
blog.samueleng.se/posts/2025-1...
Conditional Access Back to Basics - What are "Cloud Apps" and why can't I find my app in the picker?
#conditionalaccess #entra #entraid
π£ New blog article
RDP connection to a Microsoft Entraβjoined machine using Entra ID cloud account from macOS is not as straightforward as it seems.
blog.samueleng.se/posts/2025-0...
Block password additions is a massive security enhancement π
Got it π I really appreciate your response
@danielbradley.bsky.social Really enjoyed the Entra Docs Tracker, great idea, and thank you! π Any plans to open-source it? Iβm thinking about other MS Docs repos Iβd like to track.
Tagging additional Entra authorities for possible answers π @fabian.bader.cloud @dirkjanm.io
I see. My initial thought was that the attribute serves as a proxy indicator for the type of service principal (i.e., whether CA can be applied).
Does anyone know why the Conditional Access app picker applies the filter servicePrincipals?$filter=preferredSingleSignOnMode ne 'notSupported'? Is there any correlation with public vs. confidential clients or web vs. mobile clients? @merill.net @cbrhh.bsky.social @nathanmcnulty.com
Well deserved @nathanmcnulty.com! ππ
I can confirm that I tried it in my lab tenant, and it is working as expected. π
ππI admire your dedication π
Out of curiosity, what did you base your announcement on? π
Great news! Are there any updates on Learn or official announcements?
Ping @merill.net π
@merill.net Maester GitHub actions issue?
π£Β Highlighting two Microsoft Entra products working together - External Authentication Method (EAM) and SSE Private Access (ZTNA)
www.linkedin.com/posts/samuel...
#sse #sase #microsoft #entra #entraid
Great content! π
Excellent news! Is it too much to ask for the inclusion of Workload ID premium features for this app? π
π―agree. Since all network destinations and segments are represented by an app, the possibilities become limitless. Combine this with Entra ID Governance for self-service, approval, access review, and audit trails π₯π₯
Today is the day folks.
The new and updated Bluesky.ms is now live!
Go add yourself. I'll share a detailed step by step...
Thank you for a great video π
Entra supports attenstation of the Microsoft Authenticator app (iOS/Android)
iOS: Uses the iOS App Attest service
Android: Uses the Play Integrity API
Once we have native built-in capabilities to remove or scramble the password in Entra, passwordless options for self-remediation of ID protection risks, universal passkey support et.c., everything will come together.
By the way, am I misunderstanding this? @merill.net
Got it, I appreciate you taking the time to respond.
A user has a passkey and MS auth app with push registered, and initiates a SSPR. The SSPR wizard suggests verification with app + push (and no other alternatives). Why not the most secure way, using the passkey? Any idea? @merill.net @jeftek.com @nathanmcnulty.com
Does @ mentioning work for Linkedin?
Would have loved BYOD/unmanaged device support in H1 2025 instead
MFA requirement for Register security information, using TAP for secure bootstrapping to phishing-resistant authentication methods such as passkeys. This is the way.
Iβm referring to this capability with a DC agent.
techcommunity.microsoft.com/blog/identit...
Then I guess "On-prem MFA" will require the full SKU?
