Today we’re excited to share that you can now enable Azure AD access reviews for your guest users across all Microsoft Teams and Microsoft 365 Groups in your organization. And as new Teams and Groups are created, access reviews will automatically be enabled for those that have guest users in them. Since we announced access reviews a few years ago, it has become a very popular identity governance feature with our customers. Especially with an increase in external collaboration, many of you are using access reviews to ensure that access to sensitive resources that is no longer needed by your guest users is cleaned up regularly. Being able to do access reviews for guest users across all Teams and Groups as these resources are created is one of the most requested features in our feedback forum. This feature is now available in public preview for all of our customers who have an Azure AD Premium 2 subscription.
Setting up an access review for guest users across all Teams and Groups in your tenant simply requires you to create an access review with the setting of all Microsoft 365 groups with guest users.
You can then schedule the reviews to occur at a certain frequency such as quarterly. You can also choose to either have the guest users review their own access or task the review to the owner of the Team/Microsoft 365 group.
After the review is created, your reviewers will receive an email with a link to our friendly end-user portal, MyAccess, to complete their reviews. To make the job even simpler for reviewers, they will see recommendations to approve or deny users based on the last sign-in date of the user being reviewed.
To try this out in your own environment, sign in to the Azure portal and go to the Azure Active Directory > Identity governance section. If you don’t have Azure AD Premium 2, you can start a trial free for 30 days.
To learn more about Access Reviews, check out our documentation.
As always, we’d love to hear from you. Please let us know what you think in the comments below or on the Azure AD feedback forum.
Learn more about Microsoft identity:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.