AzureAD

Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, providing centralized authentication and authorization for users, apps, and devices in cloud and hybrid environments. It is a core component of Microsoft 365 and Azure, enabling single sign-on to thousands of SaaS applications, self-service password reset, and secure access to resources. It is distinct from on-premises Active Directory, though it can be synchronized with it to support hybrid identities. In practice, Microsoft positions Azure AD within the Entra family, with Entra ID serving as the modern directory designation.

Core capabilities include identity management for users and groups, application registration, and single sign-on to cloud apps. It supports multi-factor authentication and passwordless options, easing secure access. Conditional access policies enforce controls based on user, group, location, device health, and sign-in risk. Azure AD also supports external collaboration through B2B and customer identities through B2C, broadening access management to partners and customers. Governance features include entitlement management, access reviews, and Privileged Identity Management for time-limited elevation. It integrates with on-premises Active Directory via Azure AD Connect and uses standard protocols such as OAuth 2.0, OpenID Connect, and SAML 2.0.

Licensing varies by feature set. A Free tier provides basic management and SSO; paid plans such as Premium P1 and P2 unlock advanced conditional access, identity protection, PIM, and enhanced governance. Azure AD operates as a cloud service with tenancy-based administration across cloud-only, hybrid, B2B, and B2C scenarios.