Azure Active Directory Fundamentals

Azure Active Directory (Azure AD), now Microsoft Entra ID, is a cloud-based identity and access management service that helps your employees sign in to and access resources such as Microsoft 365, the Azure portal, and thousands of other SaaS applications. It also helps IT professionals manage users and their access to organizations.

What is Azure AD?

Azure AD is a comprehensive identity and access management solution that provides a wide range of features to secure your organization's resources and manage user identities. It's the backbone for many cloud services, ensuring that the right people have access to the right resources at the right time.

Key Concepts

Tenant: A dedicated instance of Azure AD that an organization owns and manages.
Users: Individuals who have accounts in Azure AD and can access resources.
Groups: Collections of users, devices, or other groups used to manage access to resources more efficiently.
Applications: SaaS applications, custom applications, or enterprise applications that can be integrated with Azure AD for single sign-on (SSO) and access management.
Roles: Permissions assigned to users or groups to perform specific administrative tasks within Azure AD or Azure resources.
Policies: Rules that define how users authenticate and access resources, such as Conditional Access policies.

Core Features

Identity and Access Management

Azure AD provides robust capabilities for managing user identities, including creation, deletion, and updating user profiles. It enables secure authentication and authorization for users accessing cloud and on-premises applications.

Single Sign-On (SSO)

With SSO, users can sign in once with their Azure AD credentials to access multiple applications without needing to re-enter their credentials. This improves user productivity and enhances security.

Learn More about SSO

Explore the benefits and configuration options for Single Sign-On in Azure AD.

Configure SSO

Multi-Factor Authentication (MFA)

MFA adds an extra layer of security by requiring users to provide two or more verification factors to gain access. This significantly reduces the risk of unauthorized access.

Conditional Access

Conditional Access policies allow you to control access to your cloud apps based on conditions. For example, you can enforce MFA for users connecting from untrusted locations or require compliant devices for access to sensitive data.


# Example of a simple Azure AD user
{
  "objectId": "a1b2c3d4-e5f6-7890-1234-567890abcdef",
  "displayName": "Jane Doe",
  "userPrincipalName": "jane.doe@yourcompany.com",
  "jobTitle": "Software Engineer",
  "department": "Technology"
}

Getting Started

To begin using Azure AD, you typically need an Azure subscription. You can start with a free trial or a pay-as-you-go subscription. Once you have an account, you can access the Azure portal to manage your Azure AD tenant.