MODIFIED docs/fundamentals/whats-new.md

Modified by Ortagus Winfrey on Jun 23, 2026 10:29 AM
📖 View on learn.microsoft.com

+1209 / -1258 lines changed

Commit: Archive December 2025 entries from whats-new.md (#13614)

Changes:

Before

After

title: Microsoft Entra releases and announcements
description: Learn what is new with Microsoft Entra, such as the latest release notes, known issues, bug fixes, deprecated functionality, and upcoming changes.
manager: dougeby
featureFlags:
 - clicktale
ms.assetid: 06a149f7-4aa1-4fb9-a8ec-ac2633b031fb
ms.topic: reference
ms.date: 06/17/2026
ms.reviewer: dhanyahk
ms.custom: it-pro, has-azure-ad-ps-ref, sfi-ga-nochange
ms.collection: M365-identity-device-management
#Customer Intent: As an IT admin, I want to review the latest Microsoft Entra releases and announcements so that I can stay current with product updates.

# Microsoft Entra releases and announcements

This article provides information about the latest releases and change announcements across the Microsoft Entra family of products over the last six months (updated monthly). If you're looking for information that's older than six months, see: [Archive for What's new in Microsoft Entra](whats-new-archive.md).

> Get notified about when to revisit this page for updates by copying and pasting this URL: `https://learn.microsoft.com/api/search/rss?search=%22Release+notes+-+Azure+Active+Directory%22&locale=en-us` into your ![RSS feed reader icon](./media/whats-new/feed-icon-16x16.png) feed reader.

## May 2026

---
title: Microsoft Entra releases and announcements
description: Learn what is new with Microsoft Entra, such as the latest release notes, known issues, bug fixes, deprecated functionality, and upcoming changes.
manager: dougeby
featureFlags:
 - clicktale
ms.assetid: 06a149f7-4aa1-4fb9-a8ec-ac2633b031fb
ms.topic: reference
ms.date: 06/17/2026
ms.reviewer: dhanyahk
ms.custom: it-pro, has-azure-ad-ps-ref, sfi-ga-nochange
ms.collection: M365-identity-device-management
#Customer Intent: As an IT admin, I want to review the latest Microsoft Entra releases and announcements so that I can stay current with product updates.
---
 
# Microsoft Entra releases and announcements
 
This article provides information about the latest releases and change announcements across the Microsoft Entra family of products over the last six months (updated monthly). If you're looking for information that's older than six months, see: [Archive for What's new in Microsoft Entra](whats-new-archive.md).
 
> Get notified about when to revisit this page for updates by copying and pasting this URL: `https://learn.microsoft.com/api/search/rss?search=%22Release+notes+-+Azure+Active+Directory%22&locale=en-us` into your ![RSS feed reader icon](./media/whats-new/feed-icon-16x16.png) feed reader.

MODIFIED docs/fundamentals/whats-new-archive.md

Modified by Ortagus Winfrey on Jun 23, 2026 10:29 AM
📖 View on learn.microsoft.com

+136 / -0 lines changed

Commit: Archive December 2025 entries from whats-new.md (#13614)

Changes:

Before

After

---
 
## November 2025
 
### Public Preview - Microsoft Entra ID Account Recovery

---
 
## December 2025
 
### General Availability - Modernizing Microsoft Entra ID auth flows with WebView2 in Windows 11
 
**Type:** New feature  
**Service category:** Authentications (Logins)  
**Product capability:** SSO  
 
Windows has many user experiences that use webview’s to gather web information to present web information to users that looks like native content. One of the common scenarios for this is for authentication flows, where a user is prompted for their username and provides credentials. 
 
Microsoft Entra ID app sign-in through Web Account Manager (WAM) now has the option to be powered by WebView2, the Chromium-based web control, starting with [KB5072033 (OS Builds 26200.7462 and 26100.7462) or later](https://support.microsoft.com/topic/december-9-2025-kb5072033-os-builds-26200-7462-and-26100-7462-0c1a4334-19ba-406d-bb1e-88fcffc87b79). This release marks a significant step forward in delivering a secure, modern, and consistent sign-in experience across apps and services.  
 
WebView2 will become the default framework for WAM authentication in an expected future Windows release, with the EdgeHTML WebView being deprecated. Therefore, we encourage users to deploy now and participate in the opt-in process, enable this experience in their environments, and make any necessary adjustments — such as updating proxy rules or modifying code in services involved in the sign in process. Contact Customer Support Services if you'd like to provide feedback.
 
Moving to WebView2 is more than a technical upgrade, it’s a strategic investment in secure, user-friendly identity experiences. We’re committed to evolving Microsoft Entra ID to meet the needs of modern organizations and developers.  
  
For more information, see:

MODIFIED docs/identity/enterprise-apps/what-is-single-sign-on.md

Modified by Jackline Omondi on Jun 23, 2026 2:27 PM
📖 View on learn.microsoft.com

+82 / -31 lines changed

Commit: Add SSO onboarding articles for ISV app developers (#13546)

Changes:

Before

After

---
title: What is single sign-on?
description: Learn about single sign-on for enterprise applications in Microsoft Entra ID.
 
ms.topic: overview
ms.date: 09/30/2024
ms.reviewer: alamaral
ms.custom: enterprise-apps-article
 
# Customer intent: As an IT admin responsible for managing user access to applications, I want to understand the different single sign-on (SSO) options available in Microsoft Entra ID, so that I can plan and deploy SSO for our organization's applications efficiently.
---
 
# What is single sign-on in Microsoft Entra ID?
 
This article provides you with information about the single sign-on (SSO) options that are available to you. It also outlines an introduction to planning a single sign-on deployment when using Microsoft Entra ID. Single sign-on is an authentication method that allows users to sign in using one set of credentials to multiple independent software systems. Using SSO means a user doesn't have to sign in to every application they use. With SSO, users can access all needed applications without being required to authenticate using different credentials. For a brief introduction, see [Microsoft Entra single sign-on](https://azure.microsoft.com/services/active-directory/sso/#overview).
 
Many applications already exist in Microsoft Entra ID that you can use with SSO. You have several options for SSO depending on the needs of the application and how it's implemented. Take time to plan your SSO deployment before you create applications in Microsoft Entra ID. The management of applications can be made easier by using the My Apps portal.
 
## Single sign-on options
 

---
title: What is single sign-on (SSO) in Microsoft Entra ID?
description: Learn about single sign-on for enterprise applications in Microsoft Entra ID, including SAML and OpenID Connect protocols.
 
author: omondiatieno
manager: mwongerapk
ms.service: entra-id
ms.subservice: enterprise-apps
 
ms.topic: overview
ms.date: 06/04/2026
ms.author: jomondi
ms.reviewer: alamaral
ms.custom: enterprise-apps-article, msecd-doc-authoring-1013
ai-usage: ai-assisted
 
# Customer intent: As an ISV application developer or IT administrator, I want to understand what single sign-on is, its benefits, and available options in Microsoft Entra ID, so I can implement or manage SSO effectively for my application or organization.
---
 
# What is single sign-on in Microsoft Entra ID?

MODIFIED docs/identity/enterprise-apps/v2-howto-app-gallery-listing.md

Modified by Jackline Omondi on Jun 23, 2026 2:27 PM
📖 View on learn.microsoft.com

+37 / -24 lines changed

Commit: Add SSO onboarding articles for ISV app developers (#13546)

Changes:

Before

After

description: Learn how to publish your application in Microsoft Entra application gallery.
ms.topic: how-to
 
ms.date: 10/09/2024
ms.reviewer: jeedes
ms.custom: kr2b-contr-experiment, enterprise-apps-article
 
#customer intent: As a developer, I want to learn about the requirement for submitting my application to the Microsoft Entra application gallery, so that it can be publicly available for users to add to their tenants.
---
 
You can sign up for a free, test Development account. It's free for 90 days and you get all of the premium Microsoft Entra features with it. You can also extend the account if you use it for development work: [Join the Microsoft 365 Developer Program](/office/developer-program/microsoft-365-developer-program).
 
### Checklist for applications supporting SSO
Here's the quick checklist for you before you submit the application request to list your application in Microsoft Entra App Gallery.
 
#### SAML single sign-on application requirements
 
The following requirements apply to SAML-based SSO applications.
 
#### Authentication requirements

description: Learn how to publish your application in Microsoft Entra application gallery.
ms.topic: how-to
 
ms.date: 06/22/2026
ms.reviewer: jeedes
ms.custom: kr2b-contr-experiment, enterprise-apps-article
ai-usage: ai-assisted
 
#customer intent: As a developer, I want to learn about the requirement for submitting my application to the Microsoft Entra application gallery, so that it can be publicly available for users to add to their tenants.
---
 
You can sign up for a free, test Development account. It's free for 90 days and you get all of the premium Microsoft Entra features with it. You can also extend the account if you use it for development work: [Join the Microsoft 365 Developer Program](/office/developer-program/microsoft-365-developer-program).
 
## Checklist for applications that support SSO
 
Review this checklist before you submit a request to list your application in the Microsoft Entra application gallery.
 
### SAML SSO requirements
 
These requirements apply to SAML-based single sign-on (SSO) applications.

MODIFIED docs/identity/authentication/how-to-authentication-entra-passkeys-on-windows.md

Modified by Justin Hall on Jun 23, 2026 9:58 PM
📖 View on learn.microsoft.com

+49 / -0 lines changed

Commit: Add AAGUID-targeting passkey profile examples for Windows (#13481)

Changes:

Before

After

ms.subservice: authentication
ms.collection: msec-ai-copilot
ms.custom: msecd-doc-authoring-106
---
 
# Enable Microsoft Entra passkey on Windows
 
Attestation isn't supported for Microsoft Entra passkey on Windows. As a result, if **Enforce attestation** is selected in a passkey profile, passkey registration attempts to Windows Hello will fail.
 
## How to configure passkeys on Windows
 
To enable registration, you need to meet all of the following prerequisites and configuration requirements.
 
:::image type="content" border="true" source="media/how-to-authentication-entra-passkeys-on-windows/passkey-on-windows-profile.png" alt-text="Screenshot of the Add passkey profile settings showing Enforce attestation cleared and Passkey types set to Device-bound.":::
 
## FAQ
 
**Question**: What is the use case for Microsoft Entra passkey on Windows?

ms.subservice: authentication
ms.collection: msec-ai-copilot
ms.custom: msecd-doc-authoring-106
ai-usage: ai-assisted
---
 
# Enable Microsoft Entra passkey on Windows
 
Attestation isn't supported for Microsoft Entra passkey on Windows. As a result, if **Enforce attestation** is selected in a passkey profile, passkey registration attempts to Windows Hello will fail.
 
## Supported Windows Hello passkey Authenticator Attestation GUIDs (AAGUIDs)
 
During public preview, Windows Hello passkeys are identified and controlled by using the following AAGUIDs. These AAGUIDs must be explicitly allowed in a passkey profile to enable registration.
 
| Windows Hello authenticator | AAGUID | Description |
|----|----|----|
| Windows Hello Hardware Authenticator | 08987058-cadc-4b81-b6e1-30de50dcbe96 | Private key stored in a hardware-based Trusted Platform Module (TPM). |
| Windows Hello VBS Hardware Authenticator | 9ddd1817-af5a-4672-a2b9-3e3dd95000a9 | Virtualization-based Security (VBS) uses hardware virtualization and the Windows hypervisor to store private keys in the host machine's TPM. |
| Windows Hello Software Authenticator | 6028b017-b1d4-4c02-b4b3-afcdafc96bb2 | Private key stored in a software-based TPM. |
 

MODIFIED docs/identity/domain-services/administration-concepts.md

Modified by Justin Hall on Jun 23, 2026 10:05 PM
📖 View on learn.microsoft.com

+25 / -22 lines changed

Commit: Add capacity guidance note to Domain Services SKUs table (#13602)

Changes:

Before

After

title: Management concepts for Microsoft Entra Domain Services | Microsoft Docs
description: Learn about how to administer a Microsoft Entra Domain Services managed domain and the behavior of user accounts and passwords
ms.topic: concept-article
ms.date: 01/21/2025
---
 
# Management concepts for user accounts, passwords, and administration in Microsoft Entra Domain Services
 
## Domain management
 
A managed domain is a DNS namespace and matching directory. In a managed domain, the domain controllers (DCs) that contain all the resources like users and groups, credentials, and policies are part of the managed service. For redundancy, two DCs are created as part of a managed domain. You can't sign in to these DCs to perform management tasks. Instead, you create a management VM that's joined to the managed domain, then install your regular AD DS management tools. You can use the Active Directory Administrative Center or Microsoft Management Console (MMC) snap-ins like DNS or Group Policy objects, for example.
 
## User account creation
 
User accounts can be created in a managed domain in multiple ways. Most user accounts are synchronized in from Microsoft Entra ID, which can also include user account synchronized from an on-premises AD DS environment. You can also manually create accounts directly in the managed domain. Some features, like initial password synchronization or password policy, behave differently depending on how and where user accounts are created.
 
* The user account can be synchronized in from Microsoft Entra ID. This includes cloud-only user accounts created directly in Microsoft Entra ID, and hybrid user accounts synchronized from an on-premises AD DS environment using Microsoft Entra Connect.
    * The majority of user accounts in a managed domain are created through the synchronization process from Microsoft Entra ID.
* The user account can be manually created in a managed domain, and doesn't exist in Microsoft Entra ID.
    * If you need to create service accounts for applications that only run in the managed domain, you can manually create them in the managed domain. As synchronization is one way from Microsoft Entra ID, user accounts created in the managed domain aren't synchronized back to Microsoft Entra ID.

title: Management concepts for Microsoft Entra Domain Services | Microsoft Docs
description: Learn about how to administer a Microsoft Entra Domain Services managed domain and the behavior of user accounts and passwords
ms.topic: concept-article
ms.date: 06/22/2026
ai-usage: ai-assisted
ms.custom: msecd-doc-authoring-1013
---
 
# Management concepts for user accounts, passwords, and administration in Microsoft Entra Domain Services
 
## Domain management
 
A managed domain is a DNS namespace and matching directory. In a managed domain, the domain controllers (DCs) that contain all the resources like users and groups, credentials, and policies are part of the managed service. For redundancy, two DCs are created as part of a managed domain. You can't sign in to these DCs to perform management tasks. Instead, you create a management virtual machine (VM) that's joined to the managed domain, then install your regular AD DS management tools. You can use the Active Directory Administrative Center or Microsoft Management Console (MMC) snap-ins like DNS or Group Policy objects, for example.
 
## User account creation
 
User accounts can be created in a managed domain in multiple ways. Most user accounts are synchronized in from Microsoft Entra ID, which can also include user account synchronized from an on-premises AD DS environment. You can also manually create accounts directly in the managed domain. Some features, like initial password synchronization or password policy, behave differently depending on how and where user accounts are created.
 
* The user account can be synchronized in from Microsoft Entra ID. It can be created directly in Microsoft Entra ID synchronized from an on-premises AD DS environment by using Microsoft Entra Connect.
* The user account can be manually created in a managed domain, and not exist in Microsoft Entra ID. If you need to create service accounts for applications that only run in the managed domain, you can manually create them in the managed domain. Synchronization is only one-way from Microsoft Entra ID, so user accounts that you create in the managed domain aren't synchronized back to Microsoft Entra ID.

MODIFIED docs/identity/hybrid/connect/reference-connect-version-history.md

Modified by Jackline Omondi on Jun 23, 2026 11:33 AM
📖 View on learn.microsoft.com

+4 / -40 lines changed

Commit: Update version history and remove 2.6.79.0 details

Changes:

Before

After

description: This article lists all releases of Microsoft Entra Connect and Azure AD Sync.
ms.assetid: ef2797d7-d440-4a9a-a648-db32ad137494
ms.topic: reference
ms.date: 06/22/2026
ms.subservice: hybrid-connect
ms.custom: no-azure-ad-ps-ref, sfi-ga-nochange
 
|[2.5.79.0](#25790)|23 Oct 2026 (12 months after release of 2.5.190.0)|
|[2.5.190.0](#251900)|02 Feb 2027 (12 months after release of 2.6.1.0)|
|[2.6.1.0](#2610)|10 Mar 2027 (12 months after release of 2.6.3.0)|
|[2.6.3.0](#2630)|22 Jun 2027 (12 months after release of 2.6.79.0)|
|[2.6.79.0](#26790)||
 
**All other versions are not supported**
 
 
To read more about autoupgrade, see [Microsoft Entra Connect: Automatic upgrade](how-to-connect-install-automatic-upgrade.md).
 
 
 

description: This article lists all releases of Microsoft Entra Connect and Azure AD Sync.
ms.assetid: ef2797d7-d440-4a9a-a648-db32ad137494
ms.topic: reference
ms.date: 06/23/2026
ms.subservice: hybrid-connect
ms.custom: no-azure-ad-ps-ref, sfi-ga-nochange
 
|[2.5.79.0](#25790)|23 Oct 2026 (12 months after release of 2.5.190.0)|
|[2.5.190.0](#251900)|02 Feb 2027 (12 months after release of 2.6.1.0)|
|[2.6.1.0](#2610)|10 Mar 2027 (12 months after release of 2.6.3.0)|
|[2.6.3.0](#2630)||
 
**All other versions are not supported**
 
 
To read more about autoupgrade, see [Microsoft Entra Connect: Automatic upgrade](how-to-connect-install-automatic-upgrade.md).
 
[!IMPORTANT]
Version 2.6.79.0 is no longer available for download. An issue was identified after release and the installer was recalled. Customers who had installed this version should un-install and install [latest available version (2.6.3.0)](#2630) of Microsoft Entra Connect Sync.
 

MODIFIED docs/fundamentals/concept-learn-about-groups.md

Modified by shlipsey3 on Jun 23, 2026 9:35 PM
📖 View on learn.microsoft.com

+5 / -5 lines changed

Commit: yml-conversion1-061926 (#13583)

Changes:

Before

After

  - For more information, see [Learn about Microsoft 365 Groups](https://support.office.com/article/learn-about-office-365-groups-b565caa1-5c40-40ef-9915-60fdb2d97fa2).
 
> [!NOTE]
> When nesting an existing security group to another security group, only members in the parent group have access to shared resources and applications. For more info about managing nested groups, see [How to manage groups](how-to-manage-groups.yml#add-a-group-to-another-group).
 
### Membership types
 
<a name='how-access-management-in-azure-ad-works'></a>
 
Microsoft Entra ID helps you give access to your organization's resources by providing access rights to a single user or a group. Using groups lets the resource owner or Microsoft Entra directory owner assign a set of access permissions to all members of the group. The resource or directory owner can also grant group management rights to someone such as a department manager or a help desk administrator, which allows that person to add and remove members. For more information about how to manage group owners, see the [Manage groups](how-to-manage-groups.yml) article.
 
The resources that Microsoft Entra groups can manage access to can be:
 
- **Direct assignment**: The resource owner directly assigns the user to the resource.
 
- **Group assignment.** The resource owner assigns a Microsoft Entra group to the resource, which automatically gives all of the group members access to the resource. Both the group owner and the resource owner manage group membership, letting either owner add or remove members from the group. For more information about managing group membership, see the [Managed groups](how-to-manage-groups.yml) article.
 
- **Rule-based assignment**: The resource owner creates a group and uses a rule to define which users are assigned to a specific resource. The rule is based on attributes that are assigned to individual users. The resource owner manages the rule, determining which attributes and values are required to allow access the resource. For more information, see [Create a dynamic group](..//identity/users/groups-create-rule.md).

  - For more information, see [Learn about Microsoft 365 Groups](https://support.office.com/article/learn-about-office-365-groups-b565caa1-5c40-40ef-9915-60fdb2d97fa2).
 
> [!NOTE]
> When nesting an existing security group to another security group, only members in the parent group have access to shared resources and applications. For more info about managing nested groups, see [How to manage groups](how-to-manage-groups.md#add-a-group-to-another-group).
 
### Membership types
 
<a name='how-access-management-in-azure-ad-works'></a>
 
Microsoft Entra ID helps you give access to your organization's resources by providing access rights to a single user or a group. Using groups lets the resource owner or Microsoft Entra directory owner assign a set of access permissions to all members of the group. The resource or directory owner can also grant group management rights to someone such as a department manager or a help desk administrator, which allows that person to add and remove members. For more information about how to manage group owners, see the [Manage groups](how-to-manage-groups.md) article.
 
The resources that Microsoft Entra groups can manage access to can be:
 
- **Direct assignment**: The resource owner directly assigns the user to the resource.
 
- **Group assignment.** The resource owner assigns a Microsoft Entra group to the resource, which automatically gives all of the group members access to the resource. Both the group owner and the resource owner manage group membership, letting either owner add or remove members from the group. For more information about managing group membership, see the [Managed groups](how-to-manage-groups.md) article.
 
- **Rule-based assignment**: The resource owner creates a group and uses a rule to define which users are assigned to a specific resource. The rule is based on attributes that are assigned to individual users. The resource owner manages the rule, determining which attributes and values are required to allow access the resource. For more information, see [Create a dynamic group](..//identity/users/groups-create-rule.md).

MODIFIED docs/fundamentals/entra-admin-center.md

Modified by shlipsey3 on Jun 23, 2026 9:35 PM
📖 View on learn.microsoft.com

+2 / -2 lines changed

Commit: yml-conversion1-061926 (#13583)

Changes:

Before

After

| Task | Description | Learn more |
|------|-------------|------------|
| Create or delete users | Add new members or guests to your organization, or remove existing users. | [Create or delete users](./how-to-create-delete-users.md) |
| Manage groups | Create and manage groups to organize users for access management and licensing. | [Manage groups and group membership](./how-to-manage-groups.yml) |
| Assign roles | Delegate administrative responsibilities using built-in or custom roles. | [Overview of role-based access control](~/identity/role-based-access-control/custom-overview.md) |
| Manage applications | Register and configure applications for single sign-on and API access. | [What is application management?](~/identity/enterprise-apps/what-is-application-management.md) |
| Create a Conditional Access policy | Define access controls based on conditions such as user, device, location, and risk. | [What is Conditional Access?](~/identity/conditional-access/overview.md) |
 
* [What is Microsoft Entra?](./what-is-entra.md)
* [Create or delete users](./how-to-create-delete-users.md)
* [Manage groups and group membership](./how-to-manage-groups.yml)
* [Overview of role-based access control](~/identity/role-based-access-control/custom-overview.md)
* [What is Conditional Access?](~/identity/conditional-access/overview.md)
* [What is Identity Secure Score?](~/identity/monitoring-health/concept-identity-secure-score.md)

| Task | Description | Learn more |
|------|-------------|------------|
| Create or delete users | Add new members or guests to your organization, or remove existing users. | [Create or delete users](./how-to-create-delete-users.md) |
| Manage groups | Create and manage groups to organize users for access management and licensing. | [Manage groups and group membership](./how-to-manage-groups.md) |
| Assign roles | Delegate administrative responsibilities using built-in or custom roles. | [Overview of role-based access control](~/identity/role-based-access-control/custom-overview.md) |
| Manage applications | Register and configure applications for single sign-on and API access. | [What is application management?](~/identity/enterprise-apps/what-is-application-management.md) |
| Create a Conditional Access policy | Define access controls based on conditions such as user, device, location, and risk. | [What is Conditional Access?](~/identity/conditional-access/overview.md) |
 
* [What is Microsoft Entra?](./what-is-entra.md)
* [Create or delete users](./how-to-create-delete-users.md)
* [Manage groups and group membership](./how-to-manage-groups.md)
* [Overview of role-based access control](~/identity/role-based-access-control/custom-overview.md)
* [What is Conditional Access?](~/identity/conditional-access/overview.md)
* [What is Identity Secure Score?](~/identity/monitoring-health/concept-identity-secure-score.md)

MODIFIED docs/id-governance/my-access-approver-details.md

Modified by learn-build-service-prod[bot] on Jun 23, 2026 4:37 PM
📖 View on learn.microsoft.com

+2 / -2 lines changed

Commit: Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/entra-docs (branch main) (#13621)

Changes:

Before

After

#Customer Intent: As an IT admin, I want to configure whether requestors can see approver details in the My Access portal so that I can control the visibility of approval information.
---
 
# Configure whether requestors can see approver details (Preview)
 
> [!NOTE]
> This feature will be widely available beginning in September 2025.
 
1. In the Microsoft Entra admin center, go to **Identity Governance** > **Entitlement management** > **Control configurations**.
 
2. Under **My Access settings for end users**, find **Show approver details to members on pending access package requests (preview).**
 
3. Choose the desired behavior:

#Customer Intent: As an IT admin, I want to configure whether requestors can see approver details in the My Access portal so that I can control the visibility of approval information.
---
 
# Configure whether requestors can see approver details
 
> [!NOTE]
> This feature will be widely available beginning in September 2025.
 
1. In the Microsoft Entra admin center, go to **Identity Governance** > **Entitlement management** > **Control configurations**.
 
2. Under **My Access settings for end users**, find **Show approver details to members on pending access package requests.**
 
3. Choose the desired behavior:

MODIFIED docs/identity/saas-apps/zscaler-internet-access-zsnet-tutorial.md

Modified by Hamsika45 on Jun 23, 2026 7:27 AM
📖 View on learn.microsoft.com

+1 / -3 lines changed

Commit: label mismatched

Changes:

Before

After

 
Zscaler Internet Access ZSNet is available in the following [national cloud deployments](/graph/deployments).
 
| Global service | US Government | China operated by 21Vianet |
|-----------------|------------------------|----------------------------|
| :white_check_mark: |     | :white_check_mark:    |
 
## Prerequisites
The scenario outlined in this article assumes that you already have the following prerequisites:

 
Zscaler Internet Access ZSNet is available in the following [national cloud deployments](/graph/deployments).
 
[!INCLUDE [national-clouds-global-and-china](~/identity/saas-apps/includes/national-clouds-global-and-china.md)]
 
## Prerequisites
The scenario outlined in this article assumes that you already have the following prerequisites:

MODIFIED docs/identity/saas-apps/zoom-provisioning-tutorial.md

Modified by Jackline Omondi on Jun 23, 2026 11:22 AM
📖 View on learn.microsoft.com

+0 / -3 lines changed

Commit: Remove redundant globally-declared metadata (docfx.json fileMetadata)

Changes:

Before

After

title: Configure Zoom for automatic user provisioning with Microsoft Entra ID
description: Learn how to automatically provision and deprovision user accounts from Microsoft Entra ID to Zoom.
 
author: jeevansd
manager: pmwongera
ms.topic: how-to
ms.date: 06/11/2026
ms.author: jeedes
 
# Customer intent: As an IT administrator, I want to learn how to automatically provision and deprovision user accounts from Microsoft Entra ID to Zoom so that I can streamline the user management process and ensure that users have the appropriate access to Zoom.
---

title: Configure Zoom for automatic user provisioning with Microsoft Entra ID
description: Learn how to automatically provision and deprovision user accounts from Microsoft Entra ID to Zoom.
 
ms.topic: how-to
ms.date: 06/11/2026
 
# Customer intent: As an IT administrator, I want to learn how to automatically provision and deprovision user accounts from Microsoft Entra ID to Zoom so that I can streamline the user management process and ensure that users have the appropriate access to Zoom.
---

MODIFIED docs/identity/app-provisioning/how-to-account-discovery.md

Modified by ArvindHarinder1 on Jun 23, 2026 10:15 AM
📖 View on learn.microsoft.com

+3 / -0 lines changed

Commit: Update account discovery documentation with new features

Changes:

Before

After

- ServiceNow  
- Amazon Web Services (AWS)
- Snowflake
 
### All other connectors

- ServiceNow  
- Amazon Web Services (AWS)
- Snowflake
- Cross-tenant synchronization
- Cloud sync
- Group provisioning to AD
 
### All other connectors
 

MODIFIED docs/architecture/governance-deployment-employee-access.md

Modified by shlipsey3 on Jun 23, 2026 9:35 PM
📖 View on learn.microsoft.com

+1 / -1 lines changed

Commit: yml-conversion1-061926 (#13583)

Changes:

Before

After

   [ ![Screenshot of the Create auto assignment policy tab on the Edit policy dialog.](media/governance-deployment/edit-policy.png)](media/governance-deployment/edit-policy-expanded.png#lightbox)

For more information, you can learn about [groups and access rights in Microsoft Entra ID](../fundamentals/how-to-manage-groups.yml)

See the following video to learn more about policy assignment.</br></br>

   [ ![Screenshot of the Create auto assignment policy tab on the Edit policy dialog.](media/governance-deployment/edit-policy.png)](media/governance-deployment/edit-policy-expanded.png#lightbox)

For more information, you can learn about [groups and access rights in Microsoft Entra ID](../fundamentals/how-to-manage-groups.md)

See the following video to learn more about policy assignment.</br></br>

MODIFIED docs/architecture/gsa-deployment-guide-internet-access.md

Modified by shlipsey3 on Jun 23, 2026 9:35 PM
📖 View on learn.microsoft.com

+1 / -1 lines changed

Commit: yml-conversion1-061926 (#13583)

Changes:

Before

After

At this point, you completed initiate and plan stages of your Secure Access Services Edge (SASE) deployment project. You understand what you need to implement for whom. You defined which users to enable in each wave. You have a schedule for each wave's deployment. You have met [licensing requirements](../global-secure-access/overview-what-is-global-secure-access.md#licensing-overview). You're ready to enable Microsoft Entra Internet Access.
 
1. Complete the Global Secure Access [prerequisites](../global-secure-access/quickstart-access-admin-center.md#prerequisites).
1. [Create a Microsoft Entra group](../fundamentals/how-to-manage-groups.yml) that includes your pilot users.
1. Enable the Microsoft Entra Internet access and Microsoft traffic forwarding profiles. Assign your pilot group to each profile.
 
> [!NOTE]

At this point, you completed initiate and plan stages of your Secure Access Services Edge (SASE) deployment project. You understand what you need to implement for whom. You defined which users to enable in each wave. You have a schedule for each wave's deployment. You have met [licensing requirements](../global-secure-access/overview-what-is-global-secure-access.md#licensing-overview). You're ready to enable Microsoft Entra Internet Access.
 
1. Complete the Global Secure Access [prerequisites](../global-secure-access/quickstart-access-admin-center.md#prerequisites).
1. [Create a Microsoft Entra group](../fundamentals/how-to-manage-groups.md) that includes your pilot users.
1. Enable the Microsoft Entra Internet access and Microsoft traffic forwarding profiles. Assign your pilot group to each profile.
 
> [!NOTE]

📋 Microsoft Entra Documentation Changes

📊 Summary

🆕 New Documentation Files

📝 Modified Documentation Files