Unit 11: Create Custom Security Attributes

Purpose

Custom security attributes extend the Entra object model with organization-specific data. They’re useful for custom categorization, automation, and fine-grained access control.

Examples of Custom Attributes

• EmployeeHireDate = 2021-05-14
• HourlySalary = 42
• ProjectCode = “Alpha2025”
• DataSensitivity = “Confidential”

Features

• Tenant-wide availability.
• Support for string, integer, and boolean data types.
• Single or multiple values allowed.
• Can use predefined or free-form values.
• Can be synchronized from on-prem AD.
• Controlled visibility: only specific admins can view/edit sensitive attributes.

Example: Fabrikam defines a custom attribute ClearanceLevel for users, enabling Conditional Access to confidential SharePoint libraries only for employees with “Level 3” clearance.