Connected Organization – Microsoft Entra Identity Governance

The need to access resources and collaborate, not only within a company, but with partners has been growing at a rapid pace. With that being in mind, connected organization is a great way to share resources with external user such as SharePoint Site, applications etc.

In this blog, we will learn how to add a connection organization.

You will require Global Administrator or Identity Governance Administrator role for connected organization.

Configured state means that the users from the configured connection organization should be able to request access packages from the MyAccess portal since the domain has been whitelisted.

I recommend creating a new policy and selecting the domain(s) whose users would need to access resources through an access package.

Once you add the domain(s), it will show up next to the select connected organizations. Furthermore, anyone requesting an access package from the selected domain(s) can be auto-approved, reducing operational overhead.

Lifecycle Workflows – Microsoft Entra Identity Governance

Lifecycle workflow is an identity governance feature which helps with on-boarding and off-boarding users. I wanted to go through the features of lifecycle workflow, however, I ran into a snag due to licensing requirement.

What are lifecycle workflows

This feature requires Microsoft Entra ID Governance license.
Microsoft Entra ID Governance licensing fundamentals

Since I did not have a Microsoft Entra ID Governance license, I signed up for a one month Microsoft Entra ID Governance Trial

Once I assigned the Microsoft Entra ID Governance license to my account, the lifecycle workflows features became available.

Abiding by the principle of least privilege role, Lifecycle Workflows Administrator is a Microsoft Entra built-in role, which should be assigned to users who will be managing lifecycle workflows.

Lifecycle Workflows Administrator

In the next blog post, we will go through setting up workflow for various scenarios.