๐ Secure Bits ๐ก
๐ฆ๐๐ผ๐ฝ๐ฝ๐ถ๐ป๐ด ๐ฎ๐ป ๐ฎ๐ฝ๐ฝ ๐ถ๐ป ๐๐ป๐๐ฟ๐ฎ ๐๐ ๐ป๐ผ ๐น๐ผ๐ป๐ด๐ฒ๐ฟ ๐บ๐ฒ๐ฎ๐ป๐ ๐ฑ๐ฒ๐น๐ฒ๐๐ถ๐ป๐ด ๐ถ๐. ๐๐ป๐ฑ ๐๐ต๐ฎ๐โ๐ ๐ฎ ๐ฏ๐ถ๐ด ๐ฑ๐ฒ๐ฎ๐น.
A new feature is coming to Microsoft Entra ID that finally gives admins a safer option:
๐ฑ๐ฒ๐ฎ๐ฐ๐๐ถ๐๐ฎ๐๐ฒ ๐ฎ๐ป ๐ฒ๐ป๐๐ฒ๐ฟ๐ฝ๐ฟ๐ถ๐๐ฒ ๐ฎ๐ฝ๐ฝ๐น๐ถ๐ฐ๐ฎ๐๐ถ๐ผ๐ป ๐ถ๐ป๐๐๐ฒ๐ฎ๐ฑ ๐ผ๐ณ ๐ฑ๐ฒ๐น๐ฒ๐๐ถ๐ป๐ด ๐ถ๐.
Until now, disabling an app usually meant deleting it entirely โ and with that, losing configuration, permissions, metadata, and also the sign-in and audit history you might need later.
๐ค ๐ช๐ต๐ ๐ป๐ผ๐ ๐ท๐๐๐ ๐ฑ๐ฒ๐น๐ฒ๐๐ฒ?
Deleting an app is often too destructive during:
– Security investigations
– Incident response
– Suspicious sign-in analysis
– Temporary service suspension
– Dev/test rollbacks
Once deleted, the context is gone โ and so is your ability to understand ๐ธ๐ฉ๐ข๐ต ๐ฉ๐ข๐ฑ๐ฑ๐ฆ๐ฏ๐ฆ๐ฅ.
๐ ๏ธย ๐ช๐ต๐ฎ๐โ๐ ๐ฑ๐ผ๐ฒ๐ ๐ถ๐ ๐ฑ๐ผ
–ย Deactivation immediately blocks sign-ins and token issuance
– App configuration, permissions, and metadata are preserved
– Audit and sign-in history remain intact
– The app can be reactivated if needed
This gives you a ๐ฟ๐ฒ๐๐ฒ๐ฟ๐๐ถ๐ฏ๐น๐ฒ โ๐ธ๐ถ๐น๐น ๐๐๐ถ๐๐ฐ๐ตโ instead of a permanent delete.
๐ก๏ธ From now on, Iโd advise you to treat ๐ฎ๐ฝ๐ฝ ๐ฑ๐ฒ๐ฎ๐ฐ๐๐ถ๐๐ฎ๐๐ถ๐ผ๐ป as a first-response control โ not deletion.
If your only option is โdelete and lose everything,โ you were forced to choose between ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐ ๐ผ๐ฟ ๐น๐ฎ๐ฐ๐ธ ๐ผ๐ณ ๐๐ถ๐๐ถ๐ฏ๐ถ๐น๐ถ๐๐ ๐ฎ๐ป๐ฑ ๐ฐ๐ผ๐ป๐๐ฒ๐ป๐ถ๐ฒ๐ป๐ฐ๐ฒ. This feature finally removes that trade-off.
๐ฌ How often have you deleted an app just to stop access โ and then regretted losing the logs?
๐๐ถ๐ต๐ฉ๐ฐ๐ณ ๐ฐ๐ง ๐ต๐ฉ๐ฆ ๐ฑ๐ฐ๐ด๐ต:
Martin Strnad
