Microsoft Adds App Delegation Capability to Azure Active Directory

Microsoft has updated Azure Active Directory Premium, adding a new capability to delegate application access rights.

IT pros can designate certain users within an organization to have the authority to assign access to applications. This app "self-provisioning" capability was at the preview stage back in April, but Microsoft announced this week that it has now reached "general availability," or commercial-release status.

The application delegation capability works with "all pre-integrated apps that support federated or password-based single sign-on in the Azure Active Directory app gallery, including apps like Salesforce, Dropbox, Google Apps, and more," Microsoft explained in April. Users with the authority to grant access to apps have to be managed using Azure Active Directory.

App administrators with single sign-on passwords also can be assigned the ability to "set the app usernames and passwords," Microsoft's announcement explained.

All pure Azure Active Directory-managed users have a self-service password reset capability for Office 365 applications, according to a recent Q&A blog post by the Active Directory Azure team. However, this password reset capability needs to be set up first. That's done using either the Azure Management Portal or the Office Administration Portal.

Microsoft this month also turned on a custom roles assignment capability for organizations with Azure Active Directory subscriptions. The custom roles capability, now at general availability status, lets IT pros modify the generic templates included with the Roles Based Access Control feature. It's conceived as a security feature to better limit user resource access.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

  • Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

    Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.