💡 Our Technical Review in summary
Microsoft is transitioning its first-party authenticated SaaS products to the unified cloud.microsoft domain. As part of this initiative, Microsoft Visio is now available at the new endpoint (https://visio.cloud.microsoft/). This transition is part of a broader strategy to consolidate Microsoft 365 services under a dedicated, secure, and easily identifiable top-level domain (TLD) to enhance security and reduce spoofing risks.
#### Impact
- Parallel Access: Visio is currently accessible via both the legacy domains and the new cloud.microsoft domain.
- Automatic Redirection: In the coming months, Microsoft will begin automatically redirecting legacy Visio URLs to the new domain.
- User Experience: Users will notice the absence of the “.com” extension. Because “.microsoft” is a proprietary TLD, it provides a higher level of trust and security.
- Backward Compatibility: Existing links to Visio files and applications will remain functional through server-side redirection.
- Network Security: Organizations that restrict outbound traffic via allow-lists may experience service interruptions if the new domain is not permitted.
#### Action Required
- Network Configuration: Ensure that
*.cloud.microsoftis permitted in your enterprise firewall, proxy servers, and endpoint security configurations. This aligns with standard Microsoft network guidance issued since April 2023. - User Education: Inform users that
cloud.microsoftis an official and legitimate Microsoft domain. This prevents confusion and helps users distinguish official services from potential phishing attempts. - Documentation Updates: Audit and update internal company portals, IT helpdesk guides, and training materials that reference legacy Visio URLs to reflect the new domain.
- App Development: Coordinate with internal developers who maintain custom Teams, Outlook, or Microsoft 365 integrations. They must ensure their applications are updated to support the domain change to maintain full functionality.
Microsoft Official Update
Service: N/A
Category: stayInformed
Severity: normal
The cloud.microsoft domain was provisioned in early 2023 to provide a unified, trusted, and dedicated DNS domain space to host Microsoft’s first-party authenticated SaaS products and experiences. This post is to inform admins that the following Microsoft products and scenarios are now available at the cloud.microsoft domain, in parallel with the previous domains.
- Microsoft Visio (https://visio.cloud.microsoft/)
[When this will happen:]
The services above are already available on cloud.microsoft, in parallel to their previous domains. You can expect the previous domains to be redirected to cloud.microsoft in the coming months.
[How this will affect your organization:]
- The cloud.microsoft domain has been a part of standard Microsoft network guidance on domains and service endpoints since April 2023. If you are currently following this guidance, this change should not impact users in your organization using the above applications under the new domain.
- Users will be redirected to applications under cloud.microsoft domains gradually and automatically. No specific user action is required. Links to the previous domains are backwards compatible and continue to be supported. Users may notice that the new application domains are lacking the “.com” extension. This is by design, as “.microsoft” is Microsoft’s own top-level domain – and this exclusivity allows for additional security and protection against spoofing.
[What you need to do to prepare:]
- Educate users to recognize and expect cloud.microsoft as a key domain for Microsoft cloud experiences. You can refer them to What is cloud.microsoft? – Microsoft Support for more information.
- If your organizational websites, tools, or other materials reference the old URL, those links will be automatically redirected. However, it would be good practice to update those assets to avoid user confusion.
- Partner with developers of in-house Teams apps – including those that run on Outlook and Microsoft 365 – to take the actions described in Action required: ensure your Microsoft Teams apps are ready for upcoming domain changes so the apps continue to function on the new domain.
- Admins should ensure that connections to *.cloud.microsoft are not blocked from their clients and enterprise networks. This should require no action if standard Microsoft network guidance on domains and service endpoints is being followed.
