Azure AD Access Reviews is a feature that enables you to periodically review and manage access to your organization’s resources in Azure AD. It provides a way to ensure that only the right people have access to resources and that access is appropriately granted and revoked. Access reviews can be configured for a variety of resources, including groups, applications, and privileged roles.
Access Reviews work by scheduling periodic reviews of access to resources. During these reviews, reviewers can see a list of users who have access to the resource and decide whether to keep or remove their access. Reviewers can also provide a justification for their decision and add comments.
Access Reviews can be configured to notify reviewers via email or Microsoft Teams when a review is available. Reviewers can then access the review through a link in the notification and complete it. The results of the reviews are stored in Azure AD, providing a record of access changes over time.
Access Reviews are useful for ensuring that access to resources is aligned with organizational policies, that privileged roles are regularly reviewed, and that users have access only to the resources they need. This can help reduce the risk of data breaches and unauthorized access to critical resources.
Overall, Azure AD Access Reviews is a powerful feature that provides a way to manage access to resources in Azure AD, ensuring that only the right people have access to resources and that access is appropriately granted and revoked over time.