Application management policies add support for Identifier URIs restrictions

Few years back, Microsoft released a set of new policy objects, allowing us to impose restrictions on the credentials used for service principal and application objects. In a nutshell, an application management policy can be used to control the type of credentials that can be configured for any given SP/application …

Continue readingApplication management policies add support for Identifier URIs restrictions

Legacy MFA settings in the Entra portal and how to control them programmatically

Did you know that the legacy MFA settings have been “ported” to the Entra Admin portal? Not only you can access and manage them therein, but you can also take advantage of this integration in order to enable programmatic access to said settings. Read the article to find out how! …

Continue readingLegacy MFA settings in the Entra portal and how to control them programmatically

“Sequence” events in the Entra Audit log and how to work with them

A question over at Q&A highlighted some changes in the way Microsoft is generating Entra audit log records for license operations. We have talked about issues surrounding this process a lot in the past, for example in this article over at Practical 365. Apart from missing entries, a common pain …

Continue reading“Sequence” events in the Entra Audit log and how to work with them

How to manage Entra ID delegate permissions for specific users

In this article, we will detail how to manage delegate permissions (OAuth2PermissionGrant) for any Entra ID integrated application on a per-user basis via the Graph API or the Graph SDK for PowerShell. With this knowledge at hand, you should never have to add tenant-wide consents again! …

Continue readingHow to manage Entra ID delegate permissions for specific users