← Back
Microsoft Defender for Office 365: Admins can block external users in Microsoft Teams from Defender Portal
MC1200058 · build prod-20251231-200323
Category
stayInformed
Severity
normal
Major change
False
Last modified
2025-12-19 07:08:18
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
Action by (AI)
2026-01-01 00:00:00
Services
Microsoft Teams, Microsoft Defender XDR
Tags
New feature, Admin impact
Master tags
Security
Roadmap IDs
542189

One-line summary

Teams and Defender for Office 365 integration lets security admins centrally manage blocked external users/domains in Teams via the Defender portal; rollout starts January 2026.

Similar updates

More like this
MC1133508 (Updated) Microsoft Teams Integration with Microsoft Defender for Office Tenant Allow/Block List for blocking domains
(Updated) Microsoft Teams Integration with Microsoft Defender for Office Tenant Allow/Block List for blocking domains Microsoft Teams now integrates with Microsoft Defender for Office 365 Tenant Allow/Block List, enabling security admins to cen... Introduction We're introducing a new integration between Microsoft Teams and Microsoft Defender for.
MC1150123 (Updated) Teams Admin Center: Control External Access by Domain for Specific Users and Groups
(Updated) Teams Admin Center: Control External Access by Domain for Specific Users and Groups Teams admins can now assign custom external access policies to users/groups, enabling granular control over which external domains they can interact with; GA rollout starts late Octobe... Introduction We are introducing a new capability in Microsoft.
MC1187679 Microsoft Teams: Protection against tenant-owned domain impersonation in Teams chat
Microsoft Teams: Protection against tenant-owned domain impersonation in Teams chat Teams will soon alert users of external chat attempts impersonating tenant-owned domains, enhancing security for organizations with external access enabled. Feature is on by default and requires no admin action. [Introduction:] Coming soon to Microsoft Teams : A.
MC1187837 Microsoft Defender for Office 365 Zero-hour auto-purge (ZAP) Teams protection capabilities to Defender for Office Plan 1
Microsoft Defender for Office 365 Zero-hour auto-purge (ZAP) Teams protection capabilities to Defender for Office Plan 1 Starting January 6, 2026, Zero-hour auto-purge (ZAP) will be enabled by default for Teams in Defender for Office 365 Plan 1, automatically quarantining malicious messages. [Introduction] Starting January 6, 2026 ,  Zero-hour.
MC1147984 (Updated) Microsoft Teams: User reporting for incorrectly identified security concerns
...rting for incorrectly identified security concerns Teams users can now report messages incorrectly flagged as security threats; feature rolls out GA by end of Nov 2025 and is on by default, with admin controls in Teams and Defender portalsIntroduction Microsoft Teams now enables users to report messages they believe were incorrectly flagged as.
MC1191616 Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint
Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint New Microsoft Secure Score recommendations for Defender for Endpoint will roll out in public preview starting late November 2025, helping block attacks and improve endpoint security. Introduction We’re introducing new Microsoft Secure Score recommendations for.

Details

RoadmapIds
542189
Summary
Admins can now block external users in Microsoft Teams via the Tenant Allow/Block List in the Microsoft Defender portal, controlling access and communications. This feature, rolling out January 2026, supports up to 4,000 domains and 200 emails, with audit logging and no impact on existing Teams settings.
Platforms
Web

Body (from Message Center)

[Introduction]

We’re introducing an integration between Microsoft Teams and Microsoft Defender for Office 365 that allows security admins to manage blocked external users in Teams through the Tenant Allow/Block List (TABL) in the Microsoft Defender portal. This centralized approach enhances security and compliance by enabling organizations to control external user access across Microsoft 365 services.

This message is associated with Roadmap ID 542189.

[When this will happen:]

General Availability (Worldwide): Rollout begins early January 2026 and is expected to complete by mid-January 2026.

[How this affects your organization:]

Who is affected: Organizations using Microsoft Teams and Microsoft Defender for Office 365 Plan 1 or Plan 2.

What will happen:

  • Security admins (with Teams admin permission) can add, delete, and view blocked external users and domains for Teams in the Microsoft Defender portal.

    • Screenshot 1: Image showcasing the teams block sender and block domain list in Microsoft Teams

    user settings

  • Incoming communications (chats, channels, meetings, and calls) from blocked users will be prevented.
  • Existing communications from blocked users will be automatically deleted.
  • Audit logs will track actions taken to block users for compliance monitoring.
  • Entry limits: Up to 4,000 blocked domains and 200 email addresses can be configured for Teams.
  • This applies to all Teams clients and the Defender XDR web portal.
  • Existing federation configurations and domain blocks in the Teams admin center remain unaffected.

[What you can do to prepare:]

  • Enable the setting “Block specific users from communicating with people in my organization” in the Teams admin center (default: Off).

    • Screenshot 2:  Image showing the teams toggle for blocking sender email addresses in Microsoft Teams

    user settings

  • Enable the setting “Allow my security team to manage blocked domains and blocked users” in the Teams admin center (default: Off).
  • Grant security team access to manage blocked domains and users in the Teams admin center.
  • Review internal documentation and inform helpdesk staff about this change.
  • Learn more: Tenant Allow/Block List documentation.

[Compliance considerations:]

No compliance considerations identified, review as appropriate for your organization.

Raw JSON (for debugging)

Expand/collapse the full payload below.
Show/hide raw 
{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": "2026-01-01T00:00:00Z",
    "ai_actions": [
      "Enable Teams settings for blocking users/domains",
      "Grant security team management access",
      "Review documentation and inform helpdesk"
    ],
    "ai_master_tags": [
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "Teams and Defender for Office 365 integration lets security admins centrally manage blocked external users/domains in Teams via the Defender portal; rollout starts January 2026.",
    "ai_topics": [
      "Teams",
      "Defender"
    ],
    "category": "stayInformed",
    "details_map": {
      "Platforms": "Web",
      "RoadmapIds": "542189",
      "Summary": "Admins can now block external users in Microsoft Teams via the Tenant Allow/Block List in the Microsoft Defender portal, controlling access and communications. This feature, rolling out January 2026, supports up to 4,000 domains and 200 emails, with audit logging and no impact on existing Teams settings."
    },
    "id": "MC1200058",
    "importance": 4,
    "is_major_change": false,
    "last_modified": "2025-12-19T07:08:18Z",
    "ms_products": [
      "Teams",
      "Defender"
    ],
    "platforms": "Web",
    "roadmap_ids": [
      "542189"
    ],
    "services": [
      "Microsoft Teams",
      "Microsoft Defender XDR"
    ],
    "severity": "normal",
    "tags": [
      "New feature",
      "Admin impact"
    ],
    "title": "Microsoft Defender for Office 365: Admins can block external users in Microsoft Teams from Defender Portal"
  }
}