📋 Microsoft Entra Documentation Changes

Daily summary for changes since June 11th 2026, 11:24 PM PDT

Report generated on June 12th 2026, 11:24 PM PDT

📊 Summary

17
Total Commits
6
New Files
6
Modified Files
0
Deleted Files
7
Contributors

🆕 New Documentation Files

NEW docs/identity/users/scripts/powershell-pause-all-except-dynamic-membership.md
Added by Ken Withee on Jun 12, 2026 7:46 AM
📖 View on learn.microsoft.com
+607 lines added
Commit: Scaffold PowerShell sample pages for dynamic membership pause/resume (#13292)
NEW docs/identity/users/scripts/powershell-resume-specific-critical-dynamic-membership.md
Added by Ken Withee on Jun 12, 2026 7:46 AM
📖 View on learn.microsoft.com
+545 lines added
Commit: Scaffold PowerShell sample pages for dynamic membership pause/resume (#13292)
NEW docs/identity/users/scripts/powershell-pause-specific-dynamic-membership.md
Added by Ken Withee on Jun 12, 2026 7:46 AM
📖 View on learn.microsoft.com
+542 lines added
Commit: Scaffold PowerShell sample pages for dynamic membership pause/resume (#13292)
NEW docs/identity/users/scripts/powershell-pause-all-dynamic-membership.md
Added by Ken Withee on Jun 12, 2026 7:46 AM
📖 View on learn.microsoft.com
+510 lines added
Commit: Scaffold PowerShell sample pages for dynamic membership pause/resume (#13292)
NEW docs/identity/users/scripts/powershell-resume-noncritical-dynamic-membership.md
Added by Ken Withee on Jun 12, 2026 7:46 AM
📖 View on learn.microsoft.com
+505 lines added
Commit: Scaffold PowerShell sample pages for dynamic membership pause/resume (#13292)
NEW docs/identity/users/groups-dynamic-membership-powershell-samples.md
Added by Ken Withee on Jun 12, 2026 7:46 AM
📖 View on learn.microsoft.com
+57 lines added
Commit: Scaffold PowerShell sample pages for dynamic membership pause/resume (#13292)

📝 Modified Documentation Files

MODIFIED docs/external-id/invitation-email-elements.md
Modified by learn-build-service-prod[bot] on Jun 12, 2026 4:32 PM
📖 View on learn.microsoft.com
+115 / -78 lines changed
Commit: Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/entra-docs (branch main) (#13470)
Changes:
Before
After
title: About B2B Invitations
description: Learn about the B2B collaboration invitation email you can send to business partners and external guest users who need to authenticate and access your apps.
ms.topic: concept-article
ms.date: 12/05/2025
ms.collection: M365-identity-device-management
ms.custom: it-pro, seo-july-2024, sfi-image-nochange
# Customer intent: As a B2B collaboration user, I want to understand the elements of the invitation email, so that I can effectively invite partners to join my organization and provide them with the necessary information to make an informed decision.
 
# B2B invitation email layout and language settings
 
[!INCLUDE [applies-to-workforce-only](./includes/applies-to-workforce-only.md)]
 
Invitation emails are key to welcoming partners as Microsoft Entra B2B collaboration users. Although [not mandatory](redemption-experience.md#redemption-process-through-a-direct-link), these emails give essential information to help recipients decide whether to accept your invitation. They include a link for quick access to your resources later.
 
:::image type="content" source="media/invitation-email-elements/invitation-email.png" alt-text="Screenshot of the B2B invitation email.":::
 
## Explaining the email
 
Let's review a few elements of the email so you understand how to use their capabilities. These elements might appear slightly different in some email clients.
 
---
title: About B2B Invitations
description: Learn about the B2B collaboration invitation email you can send to business partners and external guest users who need to authenticate and access your apps.
ms.topic: concept-article
ms.date: 12/05/2025
ms.collection: M365-identity-device-management
ms.custom: it-pro, seo-july-2024, sfi-image-nochange
ai-usage: ai-assisted
# Customer intent: As a B2B collaboration user, I want to understand the elements of the invitation email, so that I can effectively invite partners to join my organization and provide them with the necessary information to make an informed decision.
---
# B2B invitation email layout and language settings
[!INCLUDE [applies-to-workforce-only](./includes/applies-to-workforce-only.md)]
Invitation emails are key to welcoming partners as Microsoft Entra B2B collaboration users. Although [not mandatory](redemption-experience.md#redemption-process-through-a-direct-link), these emails give essential information to help recipients decide whether to accept your invitation. They include a link for quick access to your resources later.
:::image type="content" source="media/invitation-email-elements/invitation-email.png" alt-text="Screenshot of the B2B invitation email.":::
## Explaining the email
MODIFIED docs/identity/role-based-access-control/includes/agent-id-administrator.md
Modified by Robert Lyon on Jun 12, 2026 9:40 PM
📖 View on learn.microsoft.com
+44 / -33 lines changed
Commit: [Entra roles] Agent ID Administrator and Agent ID Developer roles update (#13091)
Changes:
Before
After
title: Agent ID Administrator
description: Agent ID Administrator
ms.topic: include
ms.date: 05/21/2026
ms.custom: include file, agent-id-ignite
---
 
 
Assign the Agent ID Administrator role to users who need to do the following:
 
- Manage all aspects of agents in a tenant including identity lifecycle operations for agent blueprints, agent service principals, agent identities, and agentic users.
 
<!-- autogenerated content starts here -->
 
> | --- | --- |
> | microsoft.azure.serviceHealth/allEntities/allTasks | Read and configure Azure Service Health |
> | microsoft.azure.supportTickets/allEntities/allTasks | Create and manage Azure support tickets |
> | microsoft.directory/agentIdentities/appRoleAssignedTo/update | Update agent identity role assignments. |
> | microsoft.directory/agentIdentities/basic/update | Update basic properties of agent identities. |
> | microsoft.directory/agentIdentities/create | Create agent identities.<br/>[![Privileged label icon.](../media/permissions-reference/privileged-label.png)](../privileged-roles-permissions.md) |
title: Agent ID Administrator
description: Agent ID Administrator
ms.topic: include
ms.date: 06/11/2026
ms.custom: include file, agent-id-ignite
---
 
 
Assign the Agent ID Administrator role to users who need to do the following:
 
- Manage the full lifecycle of agent identities, agent identity blueprint principals, agent identity blueprints, and agent users in a tenant
- Permanently delete and restore deleted agent identities, agent identity blueprint principals, agent identity blueprints, and agent users
- Manage licenses, invalidate refresh tokens, and revoke sign-in sessions for agent users
- Read all properties of audit logs and sign-in reports
- Read standard properties of organization, policies, external user profiles, hidden group members, and bulk jobs for users
- Create Microsoft 365 groups as owner
- Read and configure Azure and Microsoft 365 service health and support tickets
- Create and manage Azure and Microsoft 365 service health and support tickets
 
<!-- autogenerated content starts here -->
MODIFIED docs/identity/role-based-access-control/includes/global-administrator.md
Modified by Robert Lyon on Jun 12, 2026 9:40 PM
📖 View on learn.microsoft.com
+30 / -47 lines changed
Commit: [Entra roles] Agent ID Administrator and Agent ID Developer roles update (#13091)
Changes:
Before
After
title: Global Administrator
description: Global Administrator
ms.topic: include
ms.date: 05/21/2026
ms.custom: include file
---
 
> | microsoft.directory/accessReviews/definitions/allProperties/allTasks | Manage access reviews of all reviewable resources in Microsoft Entra ID |
> | microsoft.directory/adminConsentRequestPolicy/allProperties/allTasks | Manage admin consent request policies in Microsoft Entra ID |
> | microsoft.directory/administrativeUnits/allProperties/allTasks | Create and manage administrative units (including members) |
> | microsoft.directory/agentIdentities/appRoleAssignedTo/update | Update agent identity role assignments. |
> | microsoft.directory/agentIdentities/basic/update | Update basic properties of agent identities. |
> | microsoft.directory/agentIdentities/create | Create agent identities.<br/>[![Privileged label icon.](../media/permissions-reference/privileged-label.png)](../privileged-roles-permissions.md) |
> | microsoft.directory/agentIdentities/delete | Delete agent identities.<br/>[![Privileged label icon.](../media/permissions-reference/privileged-label.png)](../privileged-roles-permissions.md) |
> | microsoft.directory/agentIdentities/disable | Disable agent identities.<br/>[![Privileged label icon.](../media/permissions-reference/privileged-label.png)](../privileged-roles-permissions.md) |
> | microsoft.directory/agentIdentities/enable | Enable agent identities.<br/>[![Privileged label icon.](../media/permissions-reference/privileged-label.png)](../privileged-roles-permissions.md) |
> | microsoft.directory/agentIdentities/owners/update | Add and remove owners to agent identities. |
> | microsoft.directory/agentIdentities/tag/update | Update tags for agent identities. |
> | microsoft.directory/agentIdentityBlueprintPrincipals/appRoleAssignedTo/update | Update agent identity blueprint principal role assignments. |
> | microsoft.directory/agentIdentityBlueprintPrincipals/basic/update | Update basic properties of agent identity blueprint principals. |
title: Global Administrator
description: Global Administrator
ms.topic: include
ms.date: 06/11/2026
ms.custom: include file
---
 
> | microsoft.directory/accessReviews/definitions/allProperties/allTasks | Manage access reviews of all reviewable resources in Microsoft Entra ID |
> | microsoft.directory/adminConsentRequestPolicy/allProperties/allTasks | Manage admin consent request policies in Microsoft Entra ID |
> | microsoft.directory/administrativeUnits/allProperties/allTasks | Create and manage administrative units (including members) |
> | microsoft.directory/agentIdentities/appRoleAssignedTo/update | Update agent identity role assignments |
> | microsoft.directory/agentIdentities/authentication/update | Update authentication on agent identities |
> | microsoft.directory/agentIdentities/basic/update | Update basic properties on agent identities |
> | microsoft.directory/agentIdentities/create | Create agent identities |
> | microsoft.directory/agentIdentities/delete | Delete agent identities |
> | microsoft.directory/agentIdentities/disable | Disable agent identities |
> | microsoft.directory/agentIdentities/enable | Enable agent identities |
> | microsoft.directory/agentIdentities/owners/update | Update owners on agent identities |
> | microsoft.directory/agentIdentities/tag/update | Update tags of agent identities |
> | microsoft.directory/agentIdentityBlueprintPrincipals/appRoleAssignedTo/update | Update agent identity blueprint principal role assignments |
MODIFIED docs/identity/role-based-access-control/includes/agent-id-developer.md
Modified by Robert Lyon on Jun 12, 2026 9:40 PM
📖 View on learn.microsoft.com
+4 / -3 lines changed
Commit: [Entra roles] Agent ID Administrator and Agent ID Developer roles update (#13091)
Changes:
Before
After
title: Agent ID Developer
description: Agent ID Developer
ms.topic: include
ms.date: 01/26/2026
ms.custom: include file, agent-id-ignite
---
 
Assign the Agent ID Developer role to users who need to do the following:
 
- Create agent blueprints and their service principals. The user is added as an owner of the agent blueprint and its service principal.
 
<!-- autogenerated content starts here -->
 
> [!div class="mx-tableFixed"]
> | Actions | Description |
> | --- | --- |
> | microsoft.directory/servicePrincipals/standard/read | Read basic properties of service principals |
 
 
title: Agent ID Developer
description: Agent ID Developer
ms.topic: include
ms.date: 06/11/2026
ms.custom: include file, agent-id-ignite
---
 
Assign the Agent ID Developer role to users who need to do the following:
 
- Create an agent identity blueprint and its agent identity blueprint principal in a tenant. User will be added as an owner of the created agent identity blueprint and its agent identity blueprint principal.
 
<!-- autogenerated content starts here -->
 
> [!div class="mx-tableFixed"]
> | Actions | Description |
> | --- | --- |
> | microsoft.directory/agentIdentityBlueprints/createAsOwner | Create agent identity blueprints, and creator is added as the first owner |
> | microsoft.directory/servicePrincipals/standard/read | Read basic properties of service principals |
 
MODIFIED docs/identity/role-based-access-control/whats-new.md
Modified by Robert Lyon on Jun 12, 2026 9:40 PM
📖 View on learn.microsoft.com
+2 / -1 lines changed
Commit: [Entra roles] Agent ID Administrator and Agent ID Developer roles update (#13091)
Changes:
Before
After
title: What's new in Microsoft Entra RBAC documentation
description: Learn about the new features and documentation improvements in Microsoft Entra role-based access control (RBAC).
ms.topic: whats-new
ms.date: 05/21/2026
 
---
 
 
| Date | Area | Description |
| --- | --- | --- |
| May 2026 | Roles | Updated [Identity Governance Administrator](permissions-reference.md#identity-governance-administrator) role to a privileged role. |
| April 2026 | Roles | Added [AI Reader](permissions-reference.md#ai-reader) and [Customer Delegated Admin Relationship Administrator](permissions-reference.md#customer-delegated-admin-relationship-administrator) roles. |
| March 2026 | Roles | Added [Teams External Collaboration Administrator](permissions-reference.md#teams-external-collaboration-administrator) role. |
 
title: What's new in Microsoft Entra RBAC documentation
description: Learn about the new features and documentation improvements in Microsoft Entra role-based access control (RBAC).
ms.topic: whats-new
ms.date: 06/11/2026
 
---
 
 
| Date | Area | Description |
| --- | --- | --- |
| June 2026 | Roles | Updated [Agent ID Administrator](permissions-reference.md#agent-id-administrator) and [Agent ID Developer](permissions-reference.md#agent-id-developer) roles. |
| May 2026 | Roles | Updated [Identity Governance Administrator](permissions-reference.md#identity-governance-administrator) role to a privileged role. |
| April 2026 | Roles | Added [AI Reader](permissions-reference.md#ai-reader) and [Customer Delegated Admin Relationship Administrator](permissions-reference.md#customer-delegated-admin-relationship-administrator) roles. |
| March 2026 | Roles | Added [Teams External Collaboration Administrator](permissions-reference.md#teams-external-collaboration-administrator) role. |
MODIFIED docs/global-secure-access/concept-external-user-access.md
Modified by cagautham on Jun 12, 2026 2:12 PM
📖 View on learn.microsoft.com
+1 / -1 lines changed
Commit: docs: rewrite AVD/W365 note for professional tone and clarity
Changes:
Before
After
:::image type="content" source="media/concept-external-user-access/guest-access-overview.png" alt-text="Diagram showing an overview of external user access in Global Secure Access." lightbox="media/concept-external-user-access/guest-access-overview.png":::
 
> [!NOTE]
> The VM is domain joined and Global Secure Access connects the logged-in external user directly to the tenant. There is no need for tenant switching.
 
To enable external user access for Windows 365 or Azure Virtual Desktop (AVD) virtual machines (VM) with Global Secure Access, follow these steps:
 
:::image type="content" source="media/concept-external-user-access/guest-access-overview.png" alt-text="Diagram showing an overview of external user access in Global Secure Access." lightbox="media/concept-external-user-access/guest-access-overview.png":::
 
> [!NOTE]
> In this scenario, the virtual machine is domain joined to the resource tenant. The Global Secure Access client on the VM automatically authenticates the external user to the resource tenant based on the VM's domain membership, eliminating the need for manual tenant switching.
 
To enable external user access for Windows 365 or Azure Virtual Desktop (AVD) virtual machines (VM) with Global Secure Access, follow these steps:
 

🤖 This report was automatically generated by the Entra Docs Monitor

📧 Delivered to merill@merill.net

🔗 Visit Repository