The retirement of MS-100 and MS-101 isn't just an administrative change — it signals a deliberate repositioning of what Microsoft expects a cloud professional to look like. Here's how to interpret it and plan accordingly.
If you've been in the Microsoft ecosystem for a while, you've watched the certification landscape change significantly. Exams get retired, consolidated, and replaced. Sometimes the changes feel arbitrary. Sometimes — if you look carefully — they signal something real about where the industry is heading.
The retirement of MS-100 (Microsoft 365 Identity and Services) and MS-101 (Microsoft 365 Mobility and Security), and their consolidation into MS-102 (Microsoft 365 Administrator Expert), along with the emergence of SC-300 (Identity and Access Administrator Associate) as a distinct specialisation — this one is worth paying attention to.
I hold both MS-100 and MS-101. I sat those exams at a time when the Microsoft 365 Administrator path represented a clear career track for senior IT professionals managing enterprise tenants. Here's how I read the changes, and what I think it means for cloud professionals charting a certification path today.
The old Microsoft 365 Expert track (MS-100 + MS-101) assumed a single highly capable administrator who understood everything about an M365 tenant: identity, compliance, security, device management, Exchange, SharePoint, Teams. That was a realistic role description five years ago.
The new model reflects what enterprise organisations actually look like now: teams of specialists, not generalist admins. Microsoft's certification restructure mirrors this:
| Old model | New model | Focus area |
|---|---|---|
| MS-100 + MS-101 → M365 Expert | MS-102 → M365 Administrator Expert | Tenant administration, Teams, compliance |
| (Identity covered within MS-100) | SC-300 → Identity and Access Administrator | Entra ID, Conditional Access, Identity Governance, PIM |
| (Security covered within MS-101) | SC-200 → Security Operations Analyst | Microsoft Sentinel, Defender XDR, threat investigation |
| (Compliance covered within MS-101) | SC-400 → Information Protection Admin | Data classification, DLP, retention, Purview |
This isn't fragmentation for its own sake. It reflects the increasing specialisation of cloud security and compliance roles in enterprise organisations. The person managing your identity infrastructure is increasingly a dedicated resource — not someone who also manages your SharePoint site collections.
Your existing credentials are still valid and still demonstrate meaningful knowledge. The MS-100 and MS-101 content covered real depth in identity, Entra ID (then called Azure AD), Exchange Online, and device management. That knowledge doesn't expire when the certification does.
But the way you position it matters. A resume or profile that simply lists "MS-100 / MS-101" without translation tells a recruiter less than one that highlights the capabilities those certifications represent:
Those are the skills. The certification code is just the badge.
For job seekers: If you're describing your MS-100/MS-101 experience on a CV, translate it. "Designed and implemented Conditional Access policies for 1,200-seat M365 tenant" is more useful than "holds MS-100."
If I were advising someone building their certification path today — particularly someone with a background in Microsoft cloud infrastructure — here's how I'd think about it:
SC-300 (Identity and Access Administrator) is the most directly valuable credential right now. Entra ID, Conditional Access, PIM, Identity Protection, and B2B/B2C scenarios are among the most in-demand skills in the market. The SC-300 + AZ-104 combination positions you as someone who can architect both the infrastructure and the identity layer.
AZ-700 (Network Engineer Associate) deepens the Azure networking knowledge that AZ-104 introduces. Combined with practical hybrid connectivity experience, this positions you as a cloud architect capable of handling the full network design for enterprise environments.
The GitHub certifications (GH-900 Foundations, GH-200 Actions, GH-300 Advanced Security) are increasingly relevant as organisations adopt GitHub for both code and infrastructure-as-code workflows. They signal an understanding of modern development workflows that pure infrastructure certifications don't cover.
The pattern in Microsoft's certification evolution is consistent: they're mapping credentials to the roles that enterprise organisations actually hire for, not the all-in-one administrator role that smaller IT teams have relied on. The professionals who adapt to this model — who can articulate a specific area of depth rather than general breadth — are better positioned in the current market.
That doesn't mean generalists are obsolete. In smaller organisations and MSP environments, breadth still matters. But at the enterprise level, and particularly in cloud-first organisations, the role-based specialist is increasingly what's being hired.
The certification retirements are a signal. The question is what you choose to do with it.