What is Azure Active Directory?
In this we will learn and understand about Azure Active Directory and its other features.
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. This helps organizations to enable their employees, guests, and others to sign in and access the resources they need, including:
- Firstly, Internal resources, such as apps on your corporate network and intranet, and cloud apps developed by your own organization.
- Secondly, External services, such as Microsoft Office 365, the Azure portal, and any SaaS applications used by your organization.
Further, Azure AD simplifies the way organizations manage authorization and access by providing a single identity system for their cloud and on-premises applications. Moreover, it also allows organizations to securely enable the use of personal devices, such as mobiles and tablets, and enable collaboration with business partners and customers.
Who uses Azure AD?
Azure AD is intended for:
- Firstly, IT admins. As an IT admin, you can use Azure AD to control access to your apps and your app resources, based on your business requirements. For example, you can use Azure AD to require multi-factor authentication when accessing important organizational resources. Additionally, you can use Azure AD to automate user provisioning between your existing Windows Server AD and your cloud apps, including Microsoft 365. Finally, Azure AD gives you powerful tools to automatically help protect user identities and credentials and to meet your access governance requirements.
- Secondly, App developers. As an app developer, you can use Azure AD as a standards-based approach for adding a single sign-on (SSO) to your app, allowing it to work with a user’s pre-existing credentials. Moreover, Azure AD also provides APIs that can help you build personalized app experiences using existing organizational data.
- Lastly, Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers. As a subscriber, you’re already using Azure AD. Each Microsoft 365, Office 365, Azure, and Dynamics CRM Online tenant is automatically an Azure AD tenant.
What are the Azure AD licenses?
Microsoft Online business services, such as Microsoft 365 or Microsoft Azure, require Azure AD for sign-in and to help with identity protection. However, if you subscribe to any Microsoft Online business service. Then, you can automatically get Azure AD with access to all the free features.
- Firstly, Azure Active Directory Free. Provides user and group management, on-premises directory synchronization, basic reports, self-service password change for cloud users, and single sign-on across Azure, Microsoft 365, and many popular SaaS apps.
- Secondly, Azure Active Directory Premium P1. In addition to the Free features, P1 also lets your hybrid users access both on-premises and cloud resources. It also supports advanced administration like dynamic groups, self-service group management, Microsoft Identity Manager, and cloud write-back capabilities. This allows self-service password reset for your on-premises users.
- Thirdly, Azure Active Directory Premium P2. In addition to the Free and P1 features, P2 also offers Azure Active Directory Identity Protection to help provide risk-based Conditional Access to your apps and critical company data and Privileged Identity Management to help discover, restrict, and monitor administrators and their access to resources and to provide just-in-time access when needed.
- Lastly, “Pay as you go” feature licenses. You can also get additional feature licenses, such as Azure Active Directory Business-to-Customer (B2C). B2C can help you provide identity and access management solutions for your customer-facing apps.
Reference: Microsoft Documentation, Doc 2