The Complete Microsoft Government Portals Directory
All 44 official portal links for GCC, GCC High, GCC Moderate, and DoD environments — organized, verified, and maintained for compliance teams, IT admins, and federal contractors.
Why Microsoft Government Portal URLs Are Different
Microsoft intentionally isolates its government cloud from the commercial cloud — each environment (GCC, GCC High, and DoD) has completely separate portal URLs, subdomain conventions, and access controls. IT administrators routinely land on the wrong portal, wasting time or triggering access errors.
This directory consolidates all 44 official Microsoft government portals in one place. Whether you're configuring Microsoft Entra GCC High, managing Intune government devices, accessing Azure Government, or navigating the DoD Security Admin Center — every link is here.
For organizations pursuing CMMC compliance, selecting the right Microsoft government cloud tier is a critical first step. GCC High is typically required for defense contractors handling Controlled Unclassified Information (CUI) under DFARS 252.204-7012 and CMMC Level 2+.
This resource is maintained by Capital Cyber, a cybersecurity firm specializing in CMMC assessments, Microsoft 365 GCC High migrations, and federal cloud security for the defense industrial base.
Microsoft 365 GCC Portals
GCC meets FedRAMP Moderate requirements for US federal, state, and local government agencies and qualifying contractors.
Microsoft 365 Compliance GCC
compliance.microsoft.us
Open PortalMicrosoft 365 Security GCC
security.microsoft.com
Open PortalMicrosoft Teams Admin Center GCC
admin.gov.teams.microsoft.us
Open PortalMicrosoft Defender for Endpoint GCC
gcc.securitycenter.microsoft.us
Open PortalMicrosoft Intune Government Admin Center GCC
intune.microsoft.us
Open PortalMicrosoft Defender for Identity GCC
security.microsoft.com
Open PortalDefender for Cloud Apps (MCAS / MDCA) GCC
portal.cloudappsecuritygov.com
Open PortalMicrosoft Entra Admin Center GCC
entra.microsoft.us
Open PortalUnsure whether GCC or GCC High is right for you?
Defense contractors handling CUI typically require GCC High. Our team can assess your requirements and guide your migration.
Microsoft GCC High Portals
Required for most CMMC Level 2+ contractors. GCC High meets FedRAMP High, ITAR, EAR, and DFARS 252.204-7012 requirements.
Azure Portal GCC High
portal.azure.us
Open PortalMicrosoft 365 Admin Portal GCC High
portal.office365.us
Open PortalDynamics 365 Administration GCC High
port.crm.microsoftdynamics.us
Open PortalAzure Active Directory Portal GCC High
portal.azure.us (AAD blade)
Open PortalSecurity GCC High
security.microsoft.us
Open PortalPower Apps GCC High
high.admin.powerplatform.microsoft.us
Open PortalOneDrive Admin Center GCC High
admin.onedrive.us
Open PortalExchange Admin Center GCC High
admin.exchange.office365.us
Open PortalMicrosoft Defender for Endpoint GCC High
securitycenter.microsoft.us
Open PortalMicrosoft Entra Admin Center GCC High
entra.microsoft.us
Open PortalMicrosoft 365 Apps Admin Center GCC High
config.office365.us
Open PortalMicrosoft GCC Moderate Portals
Power Platform and Dynamics 365 portals for GCC Moderate tenants — Power Apps, Power Automate, Power BI, and Dynamics.
Power Apps Maker Portal GCC Moderate
make.gov.powerapps.us
Open PortalPower Platform Admin Center GCC Moderate
gcc.admin.powerplatform.microsoft.us
Open PortalPower Automate End User GCC Moderate
gov.flow.microsoft.us
Open PortalPower Automate Maker Portal GCC Moderate
make.gov.powerautomate.us
Open PortalPower BI GCC Moderate
app.powerbigov.us
Open PortalPower BI Admin Portal GCC Moderate
app.powerbigov.us/admin-portal
Open PortalDynamics 365 Administration GCC Moderate
port.crm9.dynamics.com
Open PortalMicrosoft DoD Cloud Portals
Exclusively for DoD personnel and contractors in Impact Level 4/5 environments. Requires DoD credentials or CAC authentication.
.apps.mil and .windows.us are restricted to authorized DoD personnel and contractors. Access may require CAC authentication or network-level restrictions.Microsoft 365 Admin Portal DoD
portal.apps.mil
Open PortalSharePoint Online Admin Center DoD
portal.apps.mil/SharePoint
Open PortalAzure AD Admin Center DoD
portal.azure.us (AAD blade)
Open PortalTeams Admin Center DoD
admin.dod.teams.microsoft.us
Open PortalMicrosoft 365 Admin Center DoD
portal.apps.mil/adminportal
Open PortalSecurity & Compliance Center DoD
scc.protection.apps.mil
Open PortalPower Platform Admin Center DoD
admin.appsplatform.us
Open PortalDefender Admin Center DoD
securitycenter.windows.us
Open PortalSecurity Admin Center DoD
security.apps.mil
Open PortalMicrosoft 365 Defender Reports DoD
security.microsoft.us/reports
Open PortalEndpoint Manager DoD
endpoint.microsoft.us
Open PortalAzure Admin Portal DoD
portal.azure.us
Open PortalMicrosoft Government Cloud FAQ
Key answers for IT admins and compliance teams navigating GCC, GCC High, and DoD environments.
What is the difference between GCC and GCC High?
GCC meets FedRAMP Moderate and serves state, local, and federal agencies with non-sensitive data. GCC High meets FedRAMP High and is required for organizations handling Controlled Unclassified Information (CUI), ITAR data, or subject to DFARS 252.204-7012. Most defense contractors pursuing CMMC Level 2 need GCC High.
Do CMMC Level 2 contractors need GCC High?
Yes — in almost all cases. CMMC Level 2 requires all 110 NIST SP 800-171 controls, and CUI must be in a FedRAMP High authorized environment. Microsoft 365 GCC High is the most common platform for DIB contractors. Our team specializes in CMMC assessments and GCC High migrations.
Why are government portal URLs different from commercial?
Microsoft separates government cloud infrastructure to ensure data sovereignty, FedRAMP authorization boundaries, and access controls. Government tenants are hosted on isolated US hardware staffed exclusively by screened US persons — so all admin portals use distinct domains like .microsoft.us or .apps.mil.
What is Microsoft Entra GCC High?
Microsoft Entra (formerly Azure Active Directory) GCC High is the identity and access management platform for GCC High tenants — conditional access, MFA, Privileged Identity Management — within the FedRAMP High boundary. Access it at entra.microsoft.us.
Which portals do DoD contractors use?
DoD portals use .apps.mil and .windows.us domains, restricted to DoD personnel with valid credentials. Primary portals: portal.apps.mil (M365 admin), security.apps.mil (Security admin), and portal.azure.us (Azure). See the full DoD section above for all 12 links.
Does my organization need to migrate to GCC High?
If you hold a DoD contract, handle CUI, or are subject to DFARS or CMMC, you likely need GCC High. Migration from commercial M365 or GCC requires planning for tenant-to-tenant migration, email, SharePoint, OneDrive, and Teams. Contact our team for a free migration assessment.
What is Azure Government used for?
Azure Government provides IaaS and PaaS services — VMs, storage, databases, networking — within FedRAMP High and DoD Impact Level 4/5 boundaries. Both GCC High and DoD tenants use portal.azure.us as their Azure management portal.
How does Defender GCC differ from commercial?
Defender for Endpoint GCC and GCC High are functionally equivalent to commercial Defender but hosted within isolated government infrastructure. GCC: gcc.securitycenter.microsoft.us. GCC High: securitycenter.microsoft.us. DoD: securitycenter.windows.us. All meet CMMC and NIST 800-171 EDR requirements.
Need Help Navigating Microsoft Government Cloud for CMMC Compliance?
From GCC High migrations to CMMC Level 2 readiness assessments — our team has guided defense contractors across manufacturing, professional services, and healthcare through federal compliance.
Related Resources
Case studies and services from Capital Cyber — helping organizations achieve compliance and protect their business.
CMMC Compliance for Defense Contractors: How Iron Lift Won Federal Contracts
How a manufacturing firm achieved CMMC Level 1 compliance, strengthened their NIST posture, and became competitive for federal contracts.
Read Case StudyCPA Firm Cybersecurity: Protecting 30+ Years of Client Trust
How John Geantasio CPA implemented Microsoft 365 hardening, MFA, and security training to defend sensitive client financial data.
Read Case StudyCMMC Compliance Services for Defense Contractors
End-to-end CMMC readiness assessments, gap analysis, SSP development, and remediation for DoD supply chain contractors.
Learn More