MC1133508 - Microsoft Teams Integration with Microsoft Defender for Office Tenant Allow/Block List for blocking domains
Service
Published
Tag
Platforms
Summary
Microsoft Teams now integrates with Microsoft Defender for Office 365 Tenant Allow/Block List, enabling security admins to centrally manage blocked external domains in Teams. This blocks communications from those domains, supports audit logging, and requires Teams admins to enable security team access. Rollout begins mid-August 2025.
More information
Introduction
We're introducing a new integration between Microsoft Teams and Microsoft Defender for Office 365 that enables security admins to manage blocked external domains in Teams using the Tenant Allow/Block List (TABL) in the Microsoft Defender portal. This feature enhances security by allowing organizations to centrally manage domain blocks across Microsoft 365 services.
This capability is available to customers with Microsoft Defender for Office 365 Plan 1 or Plan 2 and Microsoft Teams.
This message is associated with Microsoft 365 Roadmap ID 492985.
When this will happen
Targeted Release: We will begin rolling out in mid-August 2025 and expect to complete by mid-September 2025.
General Availability (Worldwide): We will begin rolling out mid-September 2025 and expect to complete by late September 2025.
How this affects your organization
Security admins, with permission from Teams admins, will be able to:
- Add, delete, and view blocked external domains in Microsoft Teams using the Microsoft Defender portal.
- Prevent incoming communications (chats, channels, meetings, and calls) from blocked domains.
- Automatically delete existing communications from users in blocked domains.
- Track actions taken to block domains in audit logs, supporting compliance monitoring and reporting.
View and manage blocked domains for Teams in the Microsoft Defender portal:
This change does not affect existing federation configurations or domain blocks set in the Teams admin center.
- Entry limit: Up to 4,000 blocked domains can be configured for Teams.
- Client impact: Applies to all Teams clients and the Defender XDR web portal.
What you can do to prepare
To enable this feature -
- Ensure that external access in the Teams admin center is set to either:
- Block only specific external domains, or
- Allow all external domains
- Teams admins must enable the setting “Allow my security team to manage blocked domains” in the Teams admin center. This setting is off by default.
Enable security team access to manage blocked domains in the Teams admin center:
Compliance considerations
| Does the change modify how admins can monitor, report on, or demonstrate compliance activities such as Purview or admin reporting? | Both Microsoft Teams and the Defender portal generate audit logs for actions taken on blocked domains. These logs can be accessed via Microsoft Purview or Defender audit capabilities. |
| Does the change provide a new way of communicating between users, tenants, or subscriptions? | Security admins can now block external domains in Microsoft Teams using the Tenant Allow/Block List, which affects cross-tenant communications across chats, channels, meetings, and calls. |
| Does the change include an admin control, and can it be controlled through Entra ID group membership? | Teams admins must enable the toggle “Allow my security team to manage blocked domains” in the Teams admin center to grant access. This control can be managed through Entra ID group membership. |