Microsoft Adds App Delegation Capability to Azure Active Directory

Microsoft has updated Azure Active Directory Premium, adding a new capability to delegate application access rights.

IT pros can designate certain users within an organization to have the authority to assign access to applications. This app "self-provisioning" capability was at the preview stage back in April, but Microsoft announced this week that it has now reached "general availability," or commercial-release status.

The application delegation capability works with "all pre-integrated apps that support federated or password-based single sign-on in the Azure Active Directory app gallery, including apps like Salesforce, Dropbox, Google Apps, and more," Microsoft explained in April. Users with the authority to grant access to apps have to be managed using Azure Active Directory.

App administrators with single sign-on passwords also can be assigned the ability to "set the app usernames and passwords," Microsoft's announcement explained.

All pure Azure Active Directory-managed users have a self-service password reset capability for Office 365 applications, according to a recent Q&A blog post by the Active Directory Azure team. However, this password reset capability needs to be set up first. That's done using either the Azure Management Portal or the Office Administration Portal.

Microsoft this month also turned on a custom roles assignment capability for organizations with Azure Active Directory subscriptions. The custom roles capability, now at general availability status, lets IT pros modify the generic templates included with the Roles Based Access Control feature. It's conceived as a security feature to better limit user resource access.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Microsoft Starting To Roll Out New Excel Connected Data Types

    Microsoft on Thursday announced some Excel and Power BI enhancements that add "connected data types" on top of the standard strings and numbers options.

  • Windows 10 Users Getting New Process for Finding Optional Driver Updates

    Accessing Windows 10 drivers classified as "optional updates" will be more of a manual seek-and-install type of experience, starting on Nov. 5, 2020, Microsoft explained in a Wednesday announcement.

  • Microsoft Changes Privacy Platform Name to SmartNoise

    Microsoft Research has changed the name of its "differential privacy" platform from "WhiteNoise" to "SmartNoise," according to a Wednesday announcement.

  • Why Restarting a Failed SCVMM Job Might Be a Bad Idea

    Occasionally, restarting a failed System Center Virtual Machine Manager job can leave your virtualization infrastructure in an unknown state. Here's how to avoid that.

comments powered by Disqus