
Security: Managing Shadow Tenants with Microsoft Entra Governance

Related-tenant discovery in Microsoft Entra tenant governance helps MSP and IT teams find shadow tenants connected to their environment through B2B collaboration, multitenant apps, and shared billing relationships. If you run Entra at scale, it gives you a practical way to keep a current tenant inventory instead of relying on one-off audits.

What changed

Microsoft added continuous discovery for related tenants in Entra tenant governance. The feature surfaces tenants connected to your environment through cross-tenant signals, then keeps that list updated as new relationships appear. In the product guidance, Microsoft positions this as a way to reduce blind spots before they become incidents.

Why this matters to operators

Most teams know their primary production tenant and maybe a few dev or test tenants. The risk shows up in everything else: old acquisition tenants, partner-created proof-of-concept tenants, and legacy environments that still have active trust paths. Related-tenant discovery gives security and identity admins a concrete triage queue: what is known, what is unknown, and what needs containment first.

Key points from Microsoft's rollout

  • Discovery is signal-based, including B2B collaboration, multitenant application relationships, and shared billing connections.
  • The related-tenant inventory is continuously updated, not a one-time scan.
  • Unknown tenants can be moved into a quarantine and assessment workflow using existing tenant quarantine capabilities.
  • Microsoft states the legacy workforce tenant creation flow will retire on August 15, 2026, and recommends moving to the new add-on tenant creation flow.

What to do next

  • Enable related-tenant discovery in Entra admin center (Tenant governance > Related tenants) or through the tenant governance API.
  • Review newly surfaced tenants and label each one as sanctioned, unknown, or pending investigation.
  • For unknown or high-risk tenants, apply a quarantine workflow and restrict interactions until assessment is complete.
  • Update governance policy so every new tenant has an owner, review cadence, and documented retirement path.
  • Plan migration away from legacy workforce tenant creation before the August 15, 2026 retirement date.
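As an added worked example (not Microsoft code, and not the tenant governance API), the review and triage steps above in Python: it merges a constructed discovery feed with a constructed tenant inventory, labels each tenant as sanctioned, pending or unknown, builds a quarantine queue ordered by how many live trust paths a tenant has, flags inventory records that lack an owner, a recent review or a retirement path, and lists inventory tenants that no longer show up in discovery. The feed field names (`tenantId`, `signals`), the signal names, the weights and the threshold are assumptions; the tenant IDs and records are constructed sample data.

```python
"""Triage a related-tenant discovery feed against a tenant inventory.

Added example, not Microsoft code. The feed shape (`tenantId`, `signals`),
the signal names and the weights are assumptions; tenant IDs and records
below are constructed sample data.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import date

# Assumed weights: B2B collaboration and multitenant-app links are live
# authentication paths; shared billing is only a commercial linkage.
# Unrecognised signal types are scored conservatively, not ignored.
SIGNAL_WEIGHT = {"b2bCollaboration": 3, "multitenantApp": 3, "sharedBilling": 1}
DEFAULT_WEIGHT = 2
HIGH_RISK = 3  # at least one live authentication path


@dataclass
class InventoryEntry:
    name: str
    status: str                  # "sanctioned" or "pending"
    owner: str | None
    last_review: date | None
    review_days: int             # review cadence in days
    retirement_path: str | None

    def policy_gaps(self, today: date) -> list[str]:
        """What the governance policy requires but this record lacks."""
        gaps = []
        if not self.owner:
            gaps.append("no owner")
        if not self.retirement_path:
            gaps.append("no retirement path")
        if self.last_review is None:
            gaps.append("never reviewed")
        elif (today - self.last_review).days > self.review_days:
            gaps.append("review overdue")
        return gaps


def risk_score(signals: list[str]) -> int:
    """Sum the weights of the distinct trust paths reported for a tenant."""
    return sum(SIGNAL_WEIGHT.get(s, DEFAULT_WEIGHT) for s in set(signals))


def triage(discovered: list[dict], inventory: dict[str, InventoryEntry], today: date) -> dict:
    """Label every discovered tenant, queue unknown tenants and high-risk
    pending tenants for quarantine (highest score first), report policy
    gaps, and list inventory tenants the feed no longer observes."""
    result = {"sanctioned": [], "pending": [], "unknown": [], "quarantine": [],
              "policy_gaps": {}, "not_observed": []}
    seen = set()
    for rec in discovered:
        tid, score = rec["tenantId"], risk_score(rec["signals"])
        seen.add(tid)
        entry = inventory.get(tid)
        if entry is None:                      # never labelled: always quarantine
            result["unknown"].append(tid)
            result["quarantine"].append((tid, score))
        elif entry.status == "sanctioned":
            result["sanctioned"].append(tid)
        else:                                  # pending: quarantine only if a live path exists
            result["pending"].append(tid)
            if score >= HIGH_RISK:
                result["quarantine"].append((tid, score))
    result["quarantine"].sort(key=lambda t: (-t[1], t[0]))
    for tid, entry in inventory.items():
        gaps = entry.policy_gaps(today)
        if gaps:
            result["policy_gaps"][tid] = gaps
        if tid not in seen:                    # trust path may be gone: candidate for retirement
            result["not_observed"].append(tid)
    return result


def tid(n: int) -> str:
    """Constructed placeholder tenant ID, not a real tenant."""
    return f"00000000-0000-0000-0000-{n:012d}"


T1, T2, T3, T4, T5, T6 = (tid(n) for n in range(1, 7))

# Constructed inventory: what the team already knows about.
INVENTORY = {
    T1: InventoryEntry("primary production", "sanctioned", "identity-team", date(2025, 9, 1), 90, "n/a (primary tenant)"),
    T2: InventoryEntry("dev/test", "sanctioned", "platform-team", date(2025, 3, 1), 90, "decommission after prod cutover"),
    T3: InventoryEntry("partner proof of concept", "pending", None, None, 30, None),
    T6: InventoryEntry("acquired company legacy", "sanctioned", "integration-team", date(2025, 9, 15), 90, "merge then delete"),
}

# Constructed discovery feed: T4 and T5 are shadow tenants, T6 is absent.
DISCOVERED = [
    {"tenantId": T1, "signals": ["b2bCollaboration", "multitenantApp"]},
    {"tenantId": T2, "signals": ["b2bCollaboration"]},
    {"tenantId": T3, "signals": ["multitenantApp"]},
    {"tenantId": T4, "signals": ["sharedBilling"]},
    {"tenantId": T5, "signals": ["b2bCollaboration", "multitenantApp", "sharedBilling"]},
]
TODAY = date(2025, 10, 1)

if __name__ == "__main__":
    for key, value in triage(DISCOVERED, INVENTORY, TODAY).items():
        print(f"{key}: {value}")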

For MSP teams supporting multiple clients, this is less about adding another dashboard and more about establishing repeatable tenant hygiene: discover, triage, quarantine when needed, and keep the inventory current.