Extend PIM into Enterprise Application User Assignment and Roles
PIM for only admin of Azure and O365 is fine as a local solution, but it without broader applicability we still need to look for something else to build into our security fabric.
Please consider extending PIM to make it relevant to account privilege escalation in any system integrated with AAD.
Extending to just group membership would be a good halfway step, but why not natively support any OAuth2 role assignments?
Hi, we just released Privileged access groups. Let us know if this feature helps solve your scenario (aka.ms/pag)