AWS Identity and Access Management (IAM) enables users to manage access to AWS services and resources securely. Using IAM, users can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
N/A
Microsoft Entra External ID
Score 7.9 out of 10
N/A
Microsoft Entra External ID (formerly Azure Active Directory B2C, or alternately, Azure Active Directory External Identities) provides business-to-customer identity as a service. Customers can use their preferred social, enterprise, or local account identities to get single sign-on access to applications and APIs.
$0
per month per active users
Pricing
AWS Identity & Access Management
Microsoft Entra External ID
Editions & Modules
No answers on this topic
Premium P1 (for More than 50,000 MAU)
$0.00325
per month per active users
Premium P2 (for More than 50,000 MAU)
$0.01625
per month per active users
Offerings
Pricing Offerings
AWS Identity & Access Management
Microsoft Entra External ID
Free Trial
No
Yes
Free/Freemium Version
No
Yes
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
A flat fee of $0.03 is billed for each SMS/Phone-based multi-factor authentication attempt.
AWS Identity & Access Management is well suited to managing AWS application access between services. Very helpful for both third-party products and in-house developed software. Very happy with how easy it is to create access keys and then share them in our environment. AWS IAM can also be used to manage individual users, but I highly recommend using AWS SSO for that purpose instead. Much easier to deploy for console access and from a security side easier to turn off in one click from your SSO provider.
It is not easy to calculate the actual ROI due to the difficult quantification of all factors, but it certainly contributed a lot in protecting, monitoring and controlling access to our system. It also made it much easier to detect vulnerable external users with simple and "easy to hack" passwords they use on multiple apps.
While we do not use Microsoft Azure for our servers and other customer-facing services. If we did, we would have to use Microsoft Azure Active Directory to manage access to services appropriately. It's difficult to quantify the differences between the services as they are truly different. I would recommend choosing AWS or Azure, then using the identity management provided by the same vendor.
Each one of these alternatives has pros and cons. PingOne from Ping Identity states they "help deliver the secure and seamless customer experience to win battles for customer acquisition, retention, revenue, loyalty, and trust." While that may be the case, they did not fit our needs. We have a complex system and it did not seem to fit into our business.
