Introduction to Microsoft Entra ID

Microsoft Entra ID

Microsoft Entra ID is a cloud-based identity and access management service. It helps employees securely access external resources like Microsoft 365, the Azure portal, and thousands of other SaaS apps. Additionally, it allows them to access internal resources such as apps hosted on your company’s intranet or any cloud apps developed specifically for your organization.

Who Uses Microsoft Entra ID?

Different people in your organization can benefit from Microsoft Entra ID, depending on their role:

IT Administrators: IT admins use Microsoft Entra ID to control access to apps and resources based on business needs. For example, you can require multi-factor authentication (MFA) to protect critical resources, automate user management between your on-premises Windows Server Active Directory and cloud apps like Microsoft 365, and use built-in tools to secure identities and meet governance requirements.

App Developers: Developers can use Microsoft Entra ID to add single sign-on (SSO) to their apps, allowing users to log in using their existing company credentials. They can also use Microsoft Entra APIs to build custom, personalized experiences using organizational data.

Current Microsoft Service Users: If your organization uses Microsoft 365, Office 365, Azure, or Dynamics CRM Online, you’re already using Microsoft Entra ID because each of these services is tied to a Microsoft Entra tenant. This allows you to start managing access to your integrated cloud apps right away.

Microsoft Entra ID Licenses

Microsoft Entra ID comes in several versions, each offering different features. If you subscribe to any Microsoft online service like Microsoft 365 or Azure, you automatically get access to the Free version of Entra ID. You can also upgrade to paid versions for more advanced features.

Here’s a breakdown of the available licenses:

Microsoft Entra ID Free: This version offers basic features like user and group management, synchronization with on-premises directories, basic reports, self-service password changes for cloud users, and single sign-on (SSO) across Microsoft 365 and popular SaaS apps.

Microsoft Entra ID P1: In addition to the Free version’s features, P1 provides hybrid users with access to both cloud and on-premises resources. It also supports dynamic group membership, self-service group management, and advanced administration capabilities. Plus, it enables self-service password resets for on-premises users.

Microsoft Entra ID P2: On top of P1 features, P2 includes advanced tools like Microsoft Entra ID Protection, which helps manage risk-based Conditional Access to apps and data, and Privileged Identity Management (PIM), which helps monitor and control admin access, providing just-in-time permissions when necessary.

Additional Microsoft Entra Products
Beyond these core licenses, Microsoft offers additional products to further enhance your identity management capabilities:

Microsoft Entra ID Governance: This adds advanced identity governance tools for organizations using P1 or P2, helping you maintain compliance and manage access.

Microsoft Entra Permissions Management: This cloud infrastructure entitlement management (CIEM) solution provides visibility into the permissions assigned to identities, resources, and actions across cloud platforms like Azure, AWS, and Google Cloud.

"Pay As You Go" Feature Licenses: You can also purchase specific features such as Microsoft Entra Domain Services or Microsoft Entra Business-to-Customer (B2C), which enables identity and access management for customer-facing apps.

In summary, Microsoft Entra ID is a powerful tool for managing identity and access in both cloud and on-premises environments. Depending on your organization’s needs, you can start with the Free version and scale up to advanced licenses for more robust security and management features.