ExO RBAC improvements #1: Limiting application access
This post sheds light on the first of many upcoming improvements related to role-based access control (RBAC) in ExO (Exchange Online). ExO (Exchange Online) features a robust and granular permission model, and the Azure AD RBAC model borrows principles from it. In this post, you'll gain valuable insights into RBAC model-based practices to limit application access.
The post not only highlights the need and importance of limiting application access but also walks through the implementation of different approaches to attain this goal. With the help of this post, you can learn how to improve access control by using the application impersonation feature, how to blind any script or utility to the mailbox data, and how to restrict access based on IP address.
If you're a system administrator looking for ways to enhance your permission model or a security professional concerned with better access control, this post is a must-read for you.
Read on to discover how you can leverage RBAC and implement various techniques to control access to applications and mailbox data in ExO.
Published on:
Learn moreRelated posts
Retirement of RBAC Application Impersonation in Exchange Online
Moving ahead, Microsoft has announced the retirement of the ApplicationImpersonation Role Based Access Control (RBAC) role in Exchange Online....
A love story about Role Based Access Control for Applications in Exchange Online, Managed Identities, Entra ID Admin Units, and Graph API
Check out this intriguing love story about Role Based Access Control (RBAC) for applications in Exchange Online, Managed Identities, Entra ID ...
Microsoft Purview compliance portal: Information Protection – Exact Data Match adding support for role-based access control (RBAC) for EDM upload authorization
Microsoft Purview compliance portal is introducing a new feature that offers customers the option to use Role-Based Access Control (RBAC) to a...
Microsoft Purview compliance portal: Audit – Granular scoping with role-based access control (RBAC)
Microsoft Purview Compliance Portal is set to release an update in October 2023 that allows IT departments to delegate role-based permissions ...
Microsoft Purview compliance portal: Communication Compliance – User scoping role-based access control (RBAC)
Microsoft has added new role-based access control (RBAC) to their Purview compliance portal, allowing for delegate management of communication...
ExO RBAC improvements #1: Limiting application access
In light of the robustness of Exchange's permission model, the Azure AD role-based access control (RBAC) model follows similar principles. The...
ExO RBAC improvements #2: Support for administrative units
In Azure Active Directory (Azure AD), administrative units are the equivalent of organization units (OUs) and have been a key part of Azure AD...
Azure AD custom roles with support for granular User management permissions
Role-based Access Control (RBAC) has been a priority for Microsoft across Azure AD and Microsoft 365 in recent years. While some Microsoft wor...
Microsoft Purview | Audit: Granular scoping with role-based access control (RBAC)
In today's world of large organizations, IT departments delegate some of their day-to-day tasks to specific people or roles in the organizatio...