Howdy folks,

I’m excited to announce that the staged rollout to cloud authentication is now available in public preview. This feature allows you to migrate your users’ authentication from federation—via AD FS, Ping Federate, Okta, or any other federation on-premises system—to cloud authentication in a staged and controlled manner. More than 100 customers have used this feature to successfully cutover to cloud authentication during our private preview.

Moving your Azure AD authentication from federation on-premises to the cloud allows you to manage user and device sign-in from your control plane in Azure AD. You’ll benefit from reducing the dependency on on-premises infrastructure, which typically includes a farm of servers and proxies that need to be accessible from the internet. You won’t need to worry about patching of servers, availability and reliability of the authentication service, or managing ports on a firewall. In addition, you could also use staged rollout to move from a federated cloud identity provider to Azure AD authentication.

This helps you to avoid a cutover of your entire domain and selectively testing on a group of users to use cloud authentication capabilities like Azure Multi-Factor Authentication (MFA), Conditional Access, Identity Protection for leaked credentials, Identity Governance, and others.

Learn more





Check out our documentation t o learn more about this feature and its prerequisites.



Watch the video to see what is staged rollout in Azure AD .



`

Alex Simons (@Alex_A_Simons )

Corporate VP of Program Management

Microsoft Identity Division