ICYMI we shared our quarterly update of Entra change announcements a few weeks ago. Here is a quick summary.

🚀 Change summary
I have highlighted the delta of latest changes in the table.

🚀 Microsoft Authenticator App Number matching
Switching from push notifications to number match as the default was scheduled for last month. The change is now extended to May 8. If you can turn it on now. Don't wait.

🚀 My groups
There is a new and improved experience for My Groups. You can still switch back to the old one currently. What's changing in May is
✅ New url for the page
✅ Old experience will no longer be available
✅ Admin controls for limiting access to this page is going away

🚀 My Apps browser extension changes in May
✅ Inline search and recently used section in the demo below is going away.
✅ Search will open a new tab.
✅ One-click app config feature for admins is going away
✅ App proxy link translation introduces a limit of 2250 per tenant

🚀 *System-preferred MFA *
This is in preview now and is currently opt-in.
Sometime after GA it will be enabled for all users if set as Microsoft managed (GA date tbd).
You can set this to disabled to opt-out.
PS. Please, please don't disable this 🙏

🚀 New urls for
✅ My apps: launcher.myapps.microsoft.com
✅ Terms of use: *.myaccount.microsoft.com
So make sure your IP and certificate allowlists are in place latest by June 30

🚀 Beginning Sep 30, 2024 the legacy MFA and legacy SSPR will go away and be replaced with the converged authentication methods policy.
✅ You don't need to wait that long. Migrate today to converged Authentication Methods for the best admin experience.

🚀 Finally, if you are using the 'Require approved client app' conditional access policy make sure you also enable and test with 'Require app protection policy'.
✅ The 'Require approved client app' grant will no longer function after March 2026.

The latest set of changes will always be available at aka.ms/entrachanges