This is a great feature! However, it misses a class of scenarios that prevent my organization from using it.
We are a relatively new company, so our identity exists only in AAD -- we don't even have an on-prem AD. Since Windows 10 came out, everyone's PCs are joined to AAD, and everyone authenticates to their computers using their OrgIds within AAD. Unfortunately the new AAD integrated security doesn't include this.
On the password side, all developers/QA/support who have access to any Azure resources have mandatory 2-factor authentication. The nature of SSMS doesn't really support this either. I suppose people could generate app passwords, but they're pretty cumbersome to use; while they do offer central account administration, they are no better than SQL logins from a usability perspective.
I would love to see support added for one or both of the above; either would enable a lot of additional use cases! Regardless, I love the direction this is moving. Good stuff.