Disablement of Symmetric keys for Microsoft Entra first-party applications Service Principals
In an effort to enhance security, Symmetric keys for Microsoft Entra first-party applications' Service Principals will be disabled. As a result, organizations must replace Symmetric with Asymmetric keys by June 15, 2024, to prevent authentication failures. Using Symmetric keys for authentication involves the client sending a shared key with its request to the security token service, which can be permanently compromised if intercepted. By disabling Symmetric keys authentication, Microsoft aims to improve their first-party applications' security posture and enhance the protection of customer data. After the change is implemented, any client requests that still use Symmetric Keys on their Microsoft first-party Application Service Principals will fail, so current customers need to follow the steps outlined in the link to replace Symmetric with Asymmetric keys.
Message ID: MC792991
The original post is available on M365 Admin.
Published on:
Learn moreRelated posts
Microsoft Edge: Security protection controls in the Microsoft Edge management service
The Microsoft Edge management service has been designed to provide administrators with dedicated tools for managing settings that improve the ...
Power Platform – Customer-Managed Key (CMK) encrypted with Azure Key Vault Managed HSM key is now available
If you're a Dataverse user and interested in enhancing the security of your data, this announcement will be of particular interest to you. As ...
D365 FO Encryption And Decryption Using A Symmetric Key(AES) using X++
If you're looking to encrypt and decrypt data using a symmetric key in D365 FO, this tutorial is the right place to be. The post details the s...
Customer Managed Encryption Keys for Power Apps Now Available!
Microsoft has announced the General Availability of Customer Managed encryption keys (CMK) for Power Apps data in your environments. This upda...
Customer Managed Encryption Keys for Power Automate - Now Generally Available
Power Automate has announced the general availability of Customer Managed Encryption Keys, which allows customers to use their own encryption ...
Microsoft Purview compliance portal: Protect your most sensitive content with double key encryption
If you're looking for ways to protect your sensitive content, Microsoft Purview compliance portal might be the solution for you. With Double K...
Power Platform – Customer-Managed Key (CMK) service updates new feature announcements
The Power Platform is rolling out new updates to its Customer-Managed Key (CMK) service, which allows organizations to manage their encryption...
Microsoft Purview compliance portal: eDiscovery (Premium) – CMK (Customer Managed Keys) support for data at-rest in Review sets
This announcement introduces the implementation of customer-managed key (CMK) options, giving users the ability to manage their own encryption...
Microsoft Purview Audit | Support for Customer Key (preview)
Microsoft Purview is adding support for encryption with Customer Key to their Audit feature. This update is expected to roll out between late ...
Block users from viewing their BitLocker keys
This post focuses on an essential setting that can be used to block end-users from viewing their BitLocker keys. Although users can usually se...