Forum Discussion
Attestation/account verification for Viral/Just in time users
MicrosoftHi Bally, we have heard this ask from several customers and it is definitely on our roadmap. For background, we have access reviews today in Azure AD as part of Azure AD PIM for a different scenario - attestation of users who have privileged roles assigned to them. Currently we plan to leverage this access reviews approach to enable organizations to ensure their invited guest users confirm they have a continued need for access. This is particularly important for organizations engaging with guests which come from an un-managed tenant which has no user lifecycle process in place. No dates yet but when we have more updates in this area we'll post to the Enterprise Mobility blog: https://blogs.technet.microsoft.com/enterprisemobility/ Thanks, Mark
Thanks Mark. We've tested the access review and this does not meet our needs around attestation. Our ideal scenario would be to have periodic (i.e. MFA only required every 60/90 days) where the MFA was tied to email address. Does that make sense?
- Mark_Wahl
Yes it does, periodic reviews to confirm the user is still receiving emails at their home organization email address (e.g., @live.com or @contoso.com) are not yet in preview. Thanks!
Mark, do we have an update on the periodic account verification for viral/JIT users? I have checked but couldn't find any news about that in the Enterprise mobility blog.
Was there any more info provided on this possible capability to verify periodically?
