Category
stayInformed
Severity
normal
Major change
False
Last modified
2025-12-16 20:16:24
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
—
Action by (AI)
—
Services
Microsoft Teams, Microsoft Defender XDR
Tags
Updated message, New feature, User impact, Admin impact
Master tags
Admin, Security
Roadmap IDs
492985
One-line summary
Security admins can now manage blocked external domains in Teams via Defender portal using Tenant Allow/Block List; Teams admins must enable access for this integration.
Similar updates
More like thisMC1200058 Microsoft Defender for Office 365: Admins can block external users in Microsoft Teams from Defender Portal
(Updated) Microsoft Defender for Office 365: Admins can block external users in Microsoft Teams from Defender Portal Security admins can manage blocked external users and domains in Teams via the Defender portal Tenant Allow/Block List start... [Introduction] We’re introducing an integration between Microsoft Teams and Microsoft Defender for.
MC1150123 (Updated) Teams Admin Center: Control External Access by Domain for Specific Users and Groups
With this update, you can assign custom external access policies to users or groups with five configuration options: Use organization settings : Inherits the tenant’s default external access configuration Allow all external domains : All external organizations are trusted Allow only specific external domains : Only domains in the allow list are.
MC1187679 Microsoft Teams: Protection against tenant-owned domain impersonation in Teams chat
Microsoft Teams: Protection against tenant-owned domain impersonation in Teams chat Teams will soon alert users of external chat attempts impersonating tenant-owned domains, enhancing security for organizations with external access enabled. Feature is on by default and requires no admin action. [Introduction:] Coming soon to Microsoft Teams : A.
MC1147984 (Updated) Microsoft Teams: User reporting for incorrectly identified security concerns
(Updated) Microsoft Teams: User reporting for incorrectly identified security concerns Teams users can now report messages incorrectly flagged as security threats; feature rolls out GA by end of Nov 2025 and is on by default, with admin controls in Teams and Defender portals. Updated November 17, 2025: The rollout of “Report incorrect security.
MC1162275 Product transitions to the cloud.microsoft domain – September 2025
Product transitions to the cloud.microsoft domain – September 2025 Microsoft Teams is now available at teams.cloud.microsoft; users will be redirected from the old domain in coming months to enhance security. Update links and ensure .cloud.microsoft is not blocked. [Introduction] To improve security and trust across Microsoft cloud services,.
MC1191616 Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint
Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint New Secure Score recommendations for Defender for Endpoint will roll out in public preview, helping block attacks and improve endpoint protection by end of Nov 2025. Introduction We’re introducing new Microsoft Secure Score recommendations for Microsoft Defender for.
Details
RoadmapIds
492985
Summary
Microsoft Teams now integrates with Microsoft Defender for Office 365 Tenant Allow/Block List, enabling security admins to centrally manage blocked external domains in Teams. This feature, available with Defender Plan 1 or 2, blocks communications from specified domains, supports audit logging, and requires Teams admin enabling.
Platforms
Web
Body (from Message Center)
Updated December 16, 2025: We have updated the timeline. Thank you for your patience.
Introduction
We're introducing a new integration between Microsoft Teams and Microsoft Defender for Office 365 that enables security admins to manage blocked external domains in Teams using the Tenant Allow/Block List (TABL) in the Microsoft Defender portal. This feature enhances security by allowing organizations to centrally manage domain blocks across Microsoft 365 services.
This capability is available to customers with Microsoft Defender for Office 365 Plan 1 or Plan 2 and Microsoft Teams.
This message is associated with Microsoft 365 Roadmap ID 492985.
When this will happen
Targeted Release: We will begin rolling out late August 2025 and expect to complete by early September 2025.
General Availability (Worldwide): This is now generally available.
How this affects your organization
Security admins, with permission from Teams admins, will be able to:
- Add, delete, and view blocked external domains in Microsoft Teams using the Microsoft Defender portal.
- Prevent incoming communications (chats, channels, meetings, and calls) from blocked domains.
- Automatically delete existing communications from users in blocked domains.
- Track actions taken to block domains in audit logs, supporting compliance monitoring and reporting.
View and manage blocked domains for Teams in the Microsoft Defender portal:
This change does not affect existing federation configurations or domain blocks set in the Teams admin center.
- Entry limit: Up to 4,000 blocked domains can be configured for Teams.
- Client impact: Applies to all Teams clients and the Defender XDR web portal.
What you can do to prepare
To enable this feature -
- Ensure that external access in the Teams admin center is set to either:
- Block only specific external domains, or
- Allow all external domains
- Teams admins must enable the setting “Allow my security team to manage blocked domains” in the Teams admin center. This setting is off by default.
Enable security team access to manage blocked domains in the Teams admin center:
Compliance considerations
| Does the change modify how admins can monitor, report on, or demonstrate compliance activities such as Purview or admin reporting? | Both Microsoft Teams and the Defender portal generate audit logs for actions taken on blocked domains. These logs can be accessed via Microsoft Purview or Defender audit capabilities. |
| Does the change provide a new way of communicating between users, tenants, or subscriptions? | Security admins can now block external domains in Microsoft Teams using the Tenant Allow/Block List, which affects cross-tenant communications across chats, channels, meetings, and calls. |
| Does the change include an admin control, and can it be controlled through Entra ID group membership? | Teams admins must enable the toggle “Allow my security team to manage blocked domains” in the Teams admin center to grant access. This control can be managed through Entra ID group membership. |
Raw JSON (for debugging)
Expand/collapse the full payload below.
Show/hide raw
{
"snapshot_item": {
"action_required_by": null,
"ai_action_required_by": null,
"ai_actions": [
"Enable \u0027Allow my security team to manage blocked domains\u0027 in Teams admin center",
"Set external access in Teams admin center to appropriate mode"
],
"ai_master_tags": [
"Admin",
"Security"
],
"ai_model": "gpt-4.1",
"ai_summary": "Security admins can now manage blocked external domains in Teams via Defender portal using Tenant Allow/Block List; Teams admins must enable access for this integration.",
"ai_topics": [
"Teams",
"Defender",
"Entra"
],
"category": "stayInformed",
"details_map": {
"Platforms": "Web",
"RoadmapIds": "492985",
"Summary": "Microsoft Teams now integrates with Microsoft Defender for Office 365 Tenant Allow/Block List, enabling security admins to centrally manage blocked external domains in Teams. This feature, available with Defender Plan 1 or 2, blocks communications from specified domains, supports audit logging, and requires Teams admin enabling."
},
"id": "MC1133508",
"importance": 1,
"is_major_change": false,
"last_modified": "2025-12-16T20:16:24Z",
"ms_products": [
"Teams",
"Defender"
],
"platforms": "Web",
"roadmap_ids": [
"492985"
],
"services": [
"Microsoft Teams",
"Microsoft Defender XDR"
],
"severity": "normal",
"tags": [
"Updated message",
"New feature",
"User impact",
"Admin impact"
],
"title": "(Updated) Microsoft Teams Integration with Microsoft Defender for Office Tenant Allow/Block List for blocking domains"
}
}