Prepare for the Microsoft unified domain change
Microsoft is consolidating its user-facing Microsoft 365 apps and services under a single domain: cloud.microsoft. This unified domain aims to simplify navigation for end users, improve administrative management, and enhance cross-app experiences. Unlike traditional domains like .com or .net, cloud.microsoft falls under the exclusive .microsoft top-level domain, which Microsoft solely operates.
This setup provides enhanced security, privacy, and protection against spoofing, ensuring that any site or app ending with “cloud.microsoft” is an official Microsoft product.
Benefits and security considerations
Consolidating Microsoft 365 experiences under the cloud.microsoft domain offers numerous benefits. For end users, it simplifies navigation by reducing sign-ins, redirects, and delays across apps. Administrators benefit from decreased complexity in allowlists, enhancing security and productivity. This change also improves integration and performance across the Microsoft 365 ecosystem for Microsoft customers and developers.
The exclusive .microsoft top-level domain enhances security, trustworthiness, and integrity, with Microsoft as the sole operator. This ensures that all experiences under the *.cloud.microsoft domain are legitimate, secure, and compliant, free from third-party interference and maintained to high security standards.
Preparations for the change
In essence, each service gets a new URL, for example: teams.microsoft.com becomes teams.cloud.microsoft
Initially, new services will already be launched on the cloud.microsoft domain, while existing services will transition more gradually. While there are automatic redirects from the old to the new domains during the transition time, we recommend to regularly monitor and update your allowlists, i.e. on your proxy or firewall infrastructure, with the new URLs in order to maintain access.
A summary of already known URLs can be found on this here:
- Unified cloud.microsoft domain for Microsoft 365 apps – Microsoft 365 Enterprise | Microsoft Learn
- Microsoft 365 URLs and IP address ranges – Microsoft 365 Enterprise | Microsoft Learn
FAQ
- What about workloads beyond Microsoft 365?
The current announcement is limited to Microsoft 365. Microsoft will share plans for other services in the future. - Why not microsoft.com?
The microsoft.com domain currently hosts a wide variety of content: not just Software as a service (SaaS) apps, but also marketing, support, e-commerce, and more. Keeping SaaS experiences isolated in their own domain space establishes a clean security boundary for Microsoft’s compliant authenticated experiences and enables simplified endpoint allow-list management for admins. There are also anti-spoofing and integrity benefits to hosting such experiences on an exclusive, purposefully-managed TLD like .microsoft vs. a generic TLD like .com. - Is microsoft.com going away?
No. Microsoft.com will continue to be used for non-product experiences such as marketing, support, and e-commerce. Only authenticated, user-facing product experiences will be hosted on cloud.microsoft.