In privilege identity management, we can enforce MFA verification during the activation process. When this setting is in place, eligible users should have valid MFA claims to proceed with the role activation. But now we can use conditional access policies with PIM role activation. This will allow us to enforce more advanced controls than MFA on role activation. As an example, before the user…
In my previous blog post, I explained how we can automate JML (Joiners/Movers/Leavers) process by using Microsoft Entra lifecycle workflows. You can access it using https://www.rebeladmin.com/2022/11/step-by-step-guide-automate-jmljoiners-movers-leavers-process-with-microsoft-entra-lifecycle-workflows/#more-6030 . In this article, I used employeeHireDate Azure AD attribute value to trigger the…
In an organization, users are required access to many different groups, applications, and sites to do their day-to-day tasks. Sometimes there can be external organizations that also required access to these various resources. As access requirements change frequently, it is quite challenging for IT administrators to manage access. As a solution to this problem, we can use Entra ID access packages…
In my previous blog post, I have explained how we can collect custom attribute values by using Entra ID user flows. We had custom attributes setup in Entra ID and when a guest user accesses an application for the first time, the values for these custom attributes will be collected by using user flows. Entra ID entitlement management feature does identity governance by allowing organizations to…