Occasional Contributor



An ATA customer with 60 000 seats has two new feature requests for ATA. I’ve told them that while ATA is still officially supported, Azure ATP is where the focus is, and it may be challenging to get new features added to ATA, but it doesn’t hurt to ask.


They will formally submit a Design Change Request via their TAM/SDM, but I wanted to see if anyone here has valuable input before that.


One of their requirements is MFA for accessing the portal, which is not possible today (see discussion here). We see at least two ways for this:

  • Support in ATA for federated login (i.e., forcing MFA on the Identity Provider side)
  • Adding native support for MFA/smartcard in ATA Center

The other is Group Managed Service Accounts (gMSA).

Today, the ATA Gateway service can run with a gMSA (at least according to the release notes of v1.8, but not documented anywhere else). But they want the ATA Center service to also run with a gMSA.


Again, not really questions, more asking for feedback/input before they formally submit a formal Design Change Request.