Idea ID: 2811728

Extend Temporary Group Assignments capability to support Azure AD

Status : Under Consideration
Under Consideration
See status update history

With DRA 10 supporting Azure AD users and groups, Temporary Group Assignments capability can be extended to handle Azure AD identities

This is a great feature to provide time-based privileges to the user to resources/applications and if this capability is extended to support Azure AD identities, it can have a different dimension to use both On-prem and Azure resources/applications

Possible use case:

Adam a contract employee joins an organization. He is provisioned in Azure AD for various application access as part of being a product team.

He also requires Office 365 application access only for a month in his tenure. Instead of giving him privilege access to Adam for his entire tenure, he can be added to a group (that has access to O365 applications) on a temporary basis whenever he is needing it automatically and de-provision him. This way, the license/subscriptions can be better managed


Azure AD
Temporary Group Assignment