MC1200058: Admins can block external users in Microsoft Teams from Defender Portal

Home » Update » MC1200058: Admins can block external users in Microsoft Teams from Defender Portal

Table of Contents

Summary
History
Microsoft Message
Introduction
When this will happen
How this affects your organization
What you can do to prepare
Compliance considerations

Summary

Integration between Microsoft Teams and Microsoft Defender for Office 365 enables management of blocked external users through the Tenant Allow/Block List in the Defender portal.
Security admins can add, delete, and view blocked users and domains for Teams; incoming communications from blocked users will be prevented and existing communications deleted.
Audit logs will be maintained for compliance monitoring; up to 4,000 blocked domains and 200 blocked email addresses can be configured.
Organizations should enable specific settings in the Teams admin center to leverage these new functionalities and inform helpdesk staff about the changes.

Admin Impact: Medium
User Impact: Low
Release Start: 01 Jan 2026
Release End: 15 Jan 2026
Services: Defender XDR, Teams
Category: Stay informed
Tags: New Feature, Admin Action

History

12/19/2025 Item Added to Message Center

Microsoft Message

Introduction

We’re introducing an integration between Microsoft Teams and Microsoft Defender for Office 365 that allows security admins to manage blocked external users in Teams through the Tenant Allow/Block List (TABL) in the Microsoft Defender portal. This centralized approach enhances security and compliance by enabling organizations to control external user access across Microsoft 365 services.

This message is associated with Roadmap ID 542189.

When this will happen

General Availability (Worldwide): Rollout begins early January 2026 and is expected to complete by mid-January 2026.

How this affects your organization

Who is affected: Organizations using Microsoft Teams and Microsoft Defender for Office 365 Plan 1 or Plan 2.

What will happen:

Security admins (with Teams admin permission) can add, delete, and view blocked external users and domains for Teams in the Microsoft Defender portal.

Screenshot 1: Image showcasing the teams block sender and block domain list in Microsoft Teams

Incoming communications (chats, channels, meetings, and calls) from blocked users will be prevented.
Existing communications from blocked users will be automatically deleted.
Audit logs will track actions taken to block users for compliance monitoring.
Entry limits: Up to 4,000 blocked domains and 200 email addresses can be configured for Teams.
This applies to all Teams clients and the Defender XDR web portal.
Existing federation configurations and domain blocks in the Teams admin center remain unaffected.

What you can do to prepare

Enable the setting “Block specific users from communicating with people in my organization” in the Teams admin center (default: Off).

Screenshot 2: Image showing the teams toggle for blocking sender email addresses in Microsoft Teams

Enable the setting “Allow my security team to manage blocked domains and blocked users” in the Teams admin center (default: Off).
Grant security team access to manage blocked domains and users in the Teams admin center.
Review internal documentation and inform helpdesk staff about this change.

Learn more: Tenant Allow/Block List documentation.

Compliance considerations

No compliance considerations identified, review as appropriate for your organization.