Disablement of Symmetric keys for Microsoft Entra first-party applications Service Principals

Disablement of Symmetric keys for Microsoft Entra first-party applications Service Principals

In an effort to enhance security, Symmetric keys for Microsoft Entra first-party applications' Service Principals will be disabled. As a result, organizations must replace Symmetric with Asymmetric keys by June 15, 2024, to prevent authentication failures. Using Symmetric keys for authentication involves the client sending a shared key with its request to the security token service, which can be permanently compromised if intercepted. By disabling Symmetric keys authentication, Microsoft aims to improve their first-party applications' security posture and enhance the protection of customer data. After the change is implemented, any client requests that still use Symmetric Keys on their Microsoft first-party Application Service Principals will fail, so current customers need to follow the steps outlined in the link to replace Symmetric with Asymmetric keys.

Message ID: MC792991

The original post is available on M365 Admin.

Published on:

Learn more
M365 Admin
M365 Admin

by João Ferreira

Share post:

Related posts

Microsoft Edge: Security protection controls in the Microsoft Edge management service

The Microsoft Edge management service has been designed to provide administrators with dedicated tools for managing settings that improve the ...

1 month ago

Power Platform – Customer-Managed Key (CMK) encrypted with Azure Key Vault Managed HSM key is now available

If you're a Dataverse user and interested in enhancing the security of your data, this announcement will be of particular interest to you. As ...

1 month ago

D365 FO Encryption And Decryption Using A Symmetric Key(AES) using X++

If you're looking to encrypt and decrypt data using a symmetric key in D365 FO, this tutorial is the right place to be. The post details the s...

6 months ago

Customer Managed Encryption Keys for Power Apps Now Available!

Microsoft has announced the General Availability of Customer Managed encryption keys (CMK) for Power Apps data in your environments. This upda...

1 month ago

Customer Managed Encryption Keys for Power Automate - Now Generally Available

Power Automate has announced the general availability of Customer Managed Encryption Keys, which allows customers to use their own encryption ...

1 month ago

Microsoft Purview compliance portal: Protect your most sensitive content with double key encryption

If you're looking for ways to protect your sensitive content, Microsoft Purview compliance portal might be the solution for you. With Double K...

2 months ago

Power Platform – Customer-Managed Key (CMK) service updates new feature announcements

The Power Platform is rolling out new updates to its Customer-Managed Key (CMK) service, which allows organizations to manage their encryption...

9 months ago

Microsoft Purview compliance portal: eDiscovery (Premium) – CMK (Customer Managed Keys) support for data at-rest in Review sets

This announcement introduces the implementation of customer-managed key (CMK) options, giving users the ability to manage their own encryption...

1 year ago

Microsoft Purview Audit | Support for Customer Key (preview)

Microsoft Purview is adding support for encryption with Customer Key to their Audit feature. This update is expected to roll out between late ...

1 year ago

Block users from viewing their BitLocker keys

This post focuses on an essential setting that can be used to block end-users from viewing their BitLocker keys. Although users can usually se...

1 year ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy