/
Entra ID Feature Policies

Entra ID Feature Policies

Entra ID uses policies to control behavior of Microsoft Entra features. A policy is defined globally in the Entra ID tenant and then applied to the entire tenant or to one or more applications, service principals, or groups.

The utexas tenant currently permits the following policy types:

  • Claims Mapping Policy

    • claims mapping policy modifies the claims that are included in tokens and can be assigned to one or more service principal objects. This policy type can be configured to perform one or more of the following actions:

      • select which claims are included

      • create new claims

      • modify the source of an existing claim.

  • Home Realm Discovery Policy

    • A home realm discovery policy modifies the authentication behavior for federated users and can be assigned to one or more service principal objects. This policy type can be configured to perform one of the following actions:

      • bypass home realm discovery and send authentication requests directly to a federated IDP such as ADFS

      • bypass federation and authenticate directly against the cloud when Password Hash Synchronization is enabled

      • enable sign-in with an alternate ID such as an e-mail address that does not match a user principal name.

    • Each policy can be assigned to one or more service principal objects.

    • One policy can be assigned to the entire tenant via the IsOrganizationDefault property.

References

 

Confluence Documentation | Web Privacy Policy | Web Accessibility