Merill Fernando 💚
@merill.net
Product Manager @microsoft | Creator of bluesky.ms • cmd.ms • idPowerToys.merill.net • Graph X-Ray • 🇦🇺 • 🇱🇰 • Posts my own
http://youtube.com/@merillx
Sign up to my newsletter https://entra.news
http://youtube.com/@merillx
Sign up to my newsletter https://entra.news
I do lots of testing in my dev tenant and I can't imagine life without MCPs.
As I work on maester.dev and aka.ms/ztassess I now heavily use Microsoft's official MCP Server ( aka.ms/entra/mcp )
When I need to do updates I switch to my own MCP lokka.dev
As I work on maester.dev and aka.ms/ztassess I now heavily use Microsoft's official MCP Server ( aka.ms/entra/mcp )
When I need to do updates I switch to my own MCP lokka.dev
November 28, 2025 at 10:18 AM
I do lots of testing in my dev tenant and I can't imagine life without MCPs.
As I work on maester.dev and aka.ms/ztassess I now heavily use Microsoft's official MCP Server ( aka.ms/entra/mcp )
When I need to do updates I switch to my own MCP lokka.dev
As I work on maester.dev and aka.ms/ztassess I now heavily use Microsoft's official MCP Server ( aka.ms/entra/mcp )
When I need to do updates I switch to my own MCP lokka.dev
Synced Passkeys: Security risk or adoption savior? 🔐
AI Agents: The new Shadow IT? 🤖
We break down the biggest Entra news from Ignite with an all-star panel.
If you're feeling overwhelmed by the updates this episode is for you
https://entra.chat
AI Agents: The new Shadow IT? 🤖
We break down the biggest Entra news from Ignite with an all-star panel.
If you're feeling overwhelmed by the updates this episode is for you
https://entra.chat
November 23, 2025 at 2:37 AM
Synced Passkeys: Security risk or adoption savior? 🔐
AI Agents: The new Shadow IT? 🤖
We break down the biggest Entra news from Ignite with an all-star panel.
If you're feeling overwhelmed by the updates this episode is for you
https://entra.chat
AI Agents: The new Shadow IT? 🤖
We break down the biggest Entra news from Ignite with an all-star panel.
If you're feeling overwhelmed by the updates this episode is for you
https://entra.chat
That's all the Entra announcements for today (and I still didn't cover everything that came out today)
BTW: Small announcement.
🥁🥁🥁 On this week's Entra.Chat podcast I'll be joined by Nathan McNulty, Thomas Naunheim, Ru Campbell and Martin Sandren from Ikea.
BTW: Small announcement.
🥁🥁🥁 On this week's Entra.Chat podcast I'll be joined by Nathan McNulty, Thomas Naunheim, Ru Campbell and Martin Sandren from Ikea.
November 19, 2025 at 3:22 PM
That's all the Entra announcements for today (and I still didn't cover everything that came out today)
BTW: Small announcement.
🥁🥁🥁 On this week's Entra.Chat podcast I'll be joined by Nathan McNulty, Thomas Naunheim, Ru Campbell and Martin Sandren from Ikea.
BTW: Small announcement.
🥁🥁🥁 On this week's Entra.Chat podcast I'll be joined by Nathan McNulty, Thomas Naunheim, Ru Campbell and Martin Sandren from Ikea.
Want to be the first to try it out?
Opt-in today!
Opt-in today!
November 19, 2025 at 3:22 PM
Want to be the first to try it out?
Opt-in today!
Opt-in today!
You: Come on Microsoft, give us as an easy way to harden our tenants.
Microsoft: Here you go 👇
Microsoft: Here you go 👇
November 19, 2025 at 3:22 PM
You: Come on Microsoft, give us as an easy way to harden our tenants.
Microsoft: Here you go 👇
Microsoft: Here you go 👇
Note that SSPR (self-service password reset) is very different to account recovery...
November 19, 2025 at 3:22 PM
Note that SSPR (self-service password reset) is very different to account recovery...
The user clicks 'Recover your account' and is then stepped through a flow where the photo in their identity document is matched with a selfie of the user.
The user is then issued a Verified ID & a TAP to get into the tenant.
Learn more learn.microsoft.com/...
The user is then issued a Verified ID & a TAP to get into the tenant.
Learn more learn.microsoft.com/...
November 19, 2025 at 3:22 PM
The user clicks 'Recover your account' and is then stepped through a flow where the photo in their identity document is matched with a selfie of the user.
The user is then issued a Verified ID & a TAP to get into the tenant.
Learn more learn.microsoft.com/...
The user is then issued a Verified ID & a TAP to get into the tenant.
Learn more learn.microsoft.com/...
Enough about AI, let's get recovering passwords.
Entra ID Account Recovery is a new feature with built in support for verifying a user with their government issued document (license, passport).
You can pick from one of three ID Verification partners.
Let's see how it works
Entra ID Account Recovery is a new feature with built in support for verifying a user with their government issued document (license, passport).
You can pick from one of three ID Verification partners.
Let's see how it works
November 19, 2025 at 3:22 PM
Enough about AI, let's get recovering passwords.
Entra ID Account Recovery is a new feature with built in support for verifying a user with their government issued document (license, passport).
You can pick from one of three ID Verification partners.
Let's see how it works
Entra ID Account Recovery is a new feature with built in support for verifying a user with their government issued document (license, passport).
You can pick from one of three ID Verification partners.
Let's see how it works
MCP clients need to be explicitly granted permissions to these new MCP.* scopes
Go to aka.ms/mcp/entra learn more
Go to aka.ms/mcp/entra learn more
November 19, 2025 at 3:21 PM
MCP clients need to be explicitly granted permissions to these new MCP.* scopes
Go to aka.ms/mcp/entra learn more
Go to aka.ms/mcp/entra learn more
and experience the jaw dropping response from your favorite LLM in minutes!
Entra admins who master this new ability are going to get more done in less time.
Entra admins who master this new ability are going to get more done in less time.
November 19, 2025 at 3:21 PM
and experience the jaw dropping response from your favorite LLM in minutes!
Entra admins who master this new ability are going to get more done in less time.
Entra admins who master this new ability are going to get more done in less time.
Now we come to my favorite part.
Many of you know and love lokka.dev
Now there is an official one!
MCPs can be used for FREE with GitHub Copilot's free tier.
Ask natural language questions like this
Many of you know and love lokka.dev
Now there is an official one!
MCPs can be used for FREE with GitHub Copilot's free tier.
Ask natural language questions like this
November 19, 2025 at 3:21 PM
Now we come to my favorite part.
Many of you know and love lokka.dev
Now there is an official one!
MCPs can be used for FREE with GitHub Copilot's free tier.
Ask natural language questions like this
Many of you know and love lokka.dev
Now there is an official one!
MCPs can be used for FREE with GitHub Copilot's free tier.
Ask natural language questions like this
The agent user is an optional part of an agent identity.
It's only created if the agent needs to behave like a user (eg have it's own mailbox, etc)
In the future will we see tenants with more agent users than users? Satya thinks so...
Learn more learn.microsoft.com/...
It's only created if the agent needs to behave like a user (eg have it's own mailbox, etc)
In the future will we see tenants with more agent users than users? Satya thinks so...
Learn more learn.microsoft.com/...
November 19, 2025 at 3:21 PM
The agent user is an optional part of an agent identity.
It's only created if the agent needs to behave like a user (eg have it's own mailbox, etc)
In the future will we see tenants with more agent users than users? Satya thinks so...
Learn more learn.microsoft.com/...
It's only created if the agent needs to behave like a user (eg have it's own mailbox, etc)
In the future will we see tenants with more agent users than users? Satya thinks so...
Learn more learn.microsoft.com/...
An Agent Identity is one of the new concepts you are going to learn.
An agent identity is created by an agent blueprint.
Agent blueprints are a template for agent identities.
Learn more at learn.microsoft.com/...
An agent identity is created by an agent blueprint.
Agent blueprints are a template for agent identities.
Learn more at learn.microsoft.com/...
November 19, 2025 at 3:21 PM
An Agent Identity is one of the new concepts you are going to learn.
An agent identity is created by an agent blueprint.
Agent blueprints are a template for agent identities.
Learn more at learn.microsoft.com/...
An agent identity is created by an agent blueprint.
Agent blueprints are a template for agent identities.
Learn more at learn.microsoft.com/...
ID Protection will determine a baseline for an agent's normal activity and then continuously monitors it for anomalies.
Once an agent exhibits suspicious behavior, ID Protection flags the activity and marks it as risky.
More at learn.microsoft.com/...
Once an agent exhibits suspicious behavior, ID Protection flags the activity and marks it as risky.
More at learn.microsoft.com/...
November 19, 2025 at 3:21 PM
ID Protection will determine a baseline for an agent's normal activity and then continuously monitors it for anomalies.
Once an agent exhibits suspicious behavior, ID Protection flags the activity and marks it as risky.
More at learn.microsoft.com/...
Once an agent exhibits suspicious behavior, ID Protection flags the activity and marks it as risky.
More at learn.microsoft.com/...
Conditional access is coming to Agents!
Note: These Agent ID features are part of Agent 365
Learn more learn.microsoft.com/...
Note: These Agent ID features are part of Agent 365
Learn more learn.microsoft.com/...
November 19, 2025 at 3:21 PM
Conditional access is coming to Agents!
Note: These Agent ID features are part of Agent 365
Learn more learn.microsoft.com/...
Note: These Agent ID features are part of Agent 365
Learn more learn.microsoft.com/...
This is going to be time of learning for devs, IAM folks and security folks
There are lots of new concepts, terminologies, tokens to wrap your head around. I mean LOTS!
So take some time to start experimenting and exploring
There are lots of new concepts, terminologies, tokens to wrap your head around. I mean LOTS!
So take some time to start experimenting and exploring
November 19, 2025 at 3:21 PM
This is going to be time of learning for devs, IAM folks and security folks
There are lots of new concepts, terminologies, tokens to wrap your head around. I mean LOTS!
So take some time to start experimenting and exploring
There are lots of new concepts, terminologies, tokens to wrap your head around. I mean LOTS!
So take some time to start experimenting and exploring
Next we head over to everyones love/hate relationship with AI
Well if you are in IAM you are now also managing agents 😮
We've never added a NEW first class primitive like this in Entra ID
You are watching the birth of a new era
Well if you are in IAM you are now also managing agents 😮
We've never added a NEW first class primitive like this in Entra ID
You are watching the birth of a new era
November 19, 2025 at 3:21 PM
Next we head over to everyones love/hate relationship with AI
Well if you are in IAM you are now also managing agents 😮
We've never added a NEW first class primitive like this in Entra ID
You are watching the birth of a new era
Well if you are in IAM you are now also managing agents 😮
We've never added a NEW first class primitive like this in Entra ID
You are watching the birth of a new era
Synced passkeys is currently an opt-in.
So head over to the Authentication Methods blade in the Entra Portal to opt-in.
Learn more learn.microsoft.com/...
So head over to the Authentication Methods blade in the Entra Portal to opt-in.
Learn more learn.microsoft.com/...
November 19, 2025 at 3:20 PM
Synced passkeys is currently an opt-in.
So head over to the Authentication Methods blade in the Entra Portal to opt-in.
Learn more learn.microsoft.com/...
So head over to the Authentication Methods blade in the Entra Portal to opt-in.
Learn more learn.microsoft.com/...
Want to target different types of passkeys for each type of user? Or only want to enable synced passkeys for some users?
You can do that now with Passkey Profiles!
You can do that now with Passkey Profiles!
November 19, 2025 at 3:20 PM
Want to target different types of passkeys for each type of user? Or only want to enable synced passkeys for some users?
You can do that now with Passkey Profiles!
You can do that now with Passkey Profiles!
This is about to start happening, so get on the train...
Why would you still leave your users phishable when you can move to synced passkeys?
Why would you still leave your users phishable when you can move to synced passkeys?
November 19, 2025 at 3:20 PM
This is about to start happening, so get on the train...
Why would you still leave your users phishable when you can move to synced passkeys?
Why would you still leave your users phishable when you can move to synced passkeys?
Don't sleep on synced passkeys
November 19, 2025 at 3:20 PM
Don't sleep on synced passkeys
Who doesn't like Free!
If you have E5 & the number of users, you can now start running the CA Agent - only one SCU per day or week
Want a deep dive? Queue up these pods with the Microsoft PMs
🎧 CA Optimization Agent → entra.news/p/jordans...
🎧 Access Review Agent → entra.news/p/ai-is-c...
If you have E5 & the number of users, you can now start running the CA Agent - only one SCU per day or week
Want a deep dive? Queue up these pods with the Microsoft PMs
🎧 CA Optimization Agent → entra.news/p/jordans...
🎧 Access Review Agent → entra.news/p/ai-is-c...
November 19, 2025 at 3:20 PM
Who doesn't like Free!
If you have E5 & the number of users, you can now start running the CA Agent - only one SCU per day or week
Want a deep dive? Queue up these pods with the Microsoft PMs
🎧 CA Optimization Agent → entra.news/p/jordans...
🎧 Access Review Agent → entra.news/p/ai-is-c...
If you have E5 & the number of users, you can now start running the CA Agent - only one SCU per day or week
Want a deep dive? Queue up these pods with the Microsoft PMs
🎧 CA Optimization Agent → entra.news/p/jordans...
🎧 Access Review Agent → entra.news/p/ai-is-c...
Get ready, folks. 🌟
You’re about to witness ONE. BIG. BEAUTIFUL. ABSURDLY. EPIC. THREAD. 🧵🔥
Some say this might be the MOST EPIC and MOST RIDICULOUSLY LONG identity thread ever written
📗 Bookmark this
Honestly… the cover image alone deserves a like + retweet
DO IT 😂
You’re about to witness ONE. BIG. BEAUTIFUL. ABSURDLY. EPIC. THREAD. 🧵🔥
Some say this might be the MOST EPIC and MOST RIDICULOUSLY LONG identity thread ever written
📗 Bookmark this
Honestly… the cover image alone deserves a like + retweet
DO IT 😂
November 19, 2025 at 3:20 PM
Get ready, folks. 🌟
You’re about to witness ONE. BIG. BEAUTIFUL. ABSURDLY. EPIC. THREAD. 🧵🔥
Some say this might be the MOST EPIC and MOST RIDICULOUSLY LONG identity thread ever written
📗 Bookmark this
Honestly… the cover image alone deserves a like + retweet
DO IT 😂
You’re about to witness ONE. BIG. BEAUTIFUL. ABSURDLY. EPIC. THREAD. 🧵🔥
Some say this might be the MOST EPIC and MOST RIDICULOUSLY LONG identity thread ever written
📗 Bookmark this
Honestly… the cover image alone deserves a like + retweet
DO IT 😂
November 16, 2025 at 12:24 PM
RIP to one of the OGs 🥲
November 16, 2025 at 9:32 AM
RIP to one of the OGs 🥲