Microsoft Entra ID

Formerly Microsoft Azure Active Directory

It reduces the risk of fraud by ensuring that only authorized individuals can approve important transactions through biometric authentication. In an era of remote work, the software's MFA features have been incredibly beneficial. It allows our remote workers to securely and easily access financial systems and data from anywhere. Microsoft Entra ID is effective in controlling access, permitting only authorized individuals to view private financial data and systems.

The use of Microsoft Entra ID, previously known as Azure AD, is necessary when using Microsoft 365. It can also be used for single sign-on, to link local AD to the cloud, and for implementing multifactor authentication (MFA). Using Entra ID to enforce MFA with Microsoft 365 is simple and should be considered if your organization is not already using it.

If you're already using Microsoft products, Azure tenant, O365... you will be using Entra ID. At that point, you should consider to use it as cloud identity provider, as it is really easy to use it with 3rd party applications, it has a lot of pre-built integrations, and you can apply conditional access rules, wich is a plus.
If you're not using any Microsoft products, either on-prem or on Azure... maybe it's not your best choice, as it'll be more expensive than other solutions.

Good if you're all in on the Microsoft online environment, MS365 or using Azure services. Integrates very well with those.
Not so much if you're just using it as an IDP for other services. It does try to take over somethings (like MX and DNS records) that you may want to keep having managed/hosted at 3rd parties.

If an organization is using Microsoft 365 and has the IDP license, there is no reason not to use Microsoft Entra ID. If your org uses 365 and does not have the IDP license, I recommend upgrading your licenses if your budget allows.

It well suited for scenarios where you have users accessing applications from outside of the organizational premise for example we have field force representatives that visit different locations take orders and update data on their mobiles and tablets. so, it's very easy for them to simply open the app and input required data and its automatically sync with published web application and we are managing the authentication and authorization through Entra ID and conditional access through intunes conditional access policies.

Entra ID is well-suited for medium to large environments that are already users of Microsoft products. From that aspect, it's fairly simple to get set up and start using. I feel it's less useful to smaller businesses or businesses that are not already using MS products. Entra seems like it would be overkill for a small company of 20-30 users or those that don't have the budget for Entra. SSO can be done for cheaper via other identity management softwares.

Entra is particularly useful in scenarios where a company has removed their on-premises server infrastructure, or for new companies who will never have an on-premises server infrastructure but still want to be able to manage identity's users and roles. Entra is likely less useful to organisations who still manage their identities in a local Active Directory server.

I think Microsoft Entra ID is well suited for solutions that runs on the cloud and require high level of authentication reliability and is less appropriate for applications that require multi-tenant administration

If you have op-premiss Active Directory and Microsoft Entra ID, you should use Azure AD Connect. Azure AD Connect makes the relationship between local users/devices and online users/services. It contributes to the security of your environment. Microsoft Entra ID notifies you of security vulnerabilities; you can access various logs easily.

Microsoft Entra ID is very useful when you have to manage a huge resources consisting of Users, groups etc Microsoft Entra ID is useful in setting up cross tenant collaboration with other tenants. Using Microsoft Entra ID managing Users is easier thn before as the Entra ID can be linked with ILM as well for User management

Setting up MFA has been one of the best things we implemented throughout our organization, and it used with numerous applications.
We also use the federation services a tremendous amount to synchronize with our on-prem environment.

Some of the application proxy setups don't work very well with some of our internal applications and information to help troubleshoot is difficult to find.

If you are working with any Windows-based hardware, Microsoft Entra ID is almost a must-have for the management of your end users. It provides a well-organized and powerful directory and access control solution. Unless you have an extremely small organization with fewer than 10-15 users, Entra ID is a no-brainer when it comes to managing user accounts and access. It is one of the most widely used platforms and builds on years (decades) of lessons learned on what works and what doesn't.

Microsoft Authenticator is well-suited for scenarios where strong, two-factor authentication is required. This includes situations where users need to access sensitive or personal information, such as online banking or email accounts. It is also well-suited for use in enterprise environments, where administrators can use the app to secure employee access to company resources and data.On the other hand, scenarios where Microsoft Authenticator may be less appropriate include those where users need to access resources from multiple devices or platforms. Since Microsoft Authenticator is primarily a mobile app, it may not be the best option for users who primarily use computers or other devices. Additionally, scenarios where users need to authenticate to a wide range of services, apps, or websites that do not support Microsoft Authenticator may not be well suited.It's also less appropriate for scenarios where users are not comfortable using mobile devices or apps, or if users are in areas with poor mobile network coverage, as it may not be able to provide a smooth authentication process.

Nearly 80% to 90% of systems are working on Microsoft services, especially authentication and the world is moving to the cloud. Microsoft Azure Active Directory is one of the best services from Microsoft which ease the organization and IT professionals' life easy to move on the cloud without compromising the security and leverage the services in a secure manner.

Any organization with a Windows or Office footprint should at least consider Microsoft Azure Active Directory as the source of truth for user information, and the key component of their identity strategy. For organizations less reliant on Microsoft there may be better alternatives.

Giving or taking away rights by user is very easy to do through Microsoft Azure Active Directory, especially when a specific user needs access to something they would not normally need. Access is very easy to give and take away through AD. It can be clunky sometimes when working with groups in these same scenarios.

I can’t find any other tools that could replace Microsoft Azure Active Directory in my organization. They
way AD is built, it’s simple and allows us to accomplish what we need in a very simple and efficient way.
Managing users and machines are simply way easier with Microsoft Azure Active Directory.

Microsoft Azure Active Directory is well suited for medium- and large-scale infrastructure to manage their users and single-sign-on options. It provides high-security features and easy synchronization with high availability. It also makes managing the policies over remote network easy.

If you are primarily a Microsoft shop, using Office 365, Azure, Windows, etc... then using Microsoft Azure Active Directory would be a natural choice, in fact I would say choosing anything else in this scenario would not make any sense. It has a bit of a learning curve especially if you are new coming into the Microsoft ecosystem, mostly due to its breadth and depth, but once you get a hang of it, Microsoft Azure Active Directory is a very solid identity management solution.

The entire experience of using a full suite of Azure products has been a great one. Everything is well integrated. CLI access is feature full and often times well documented. Additionally, leveraging azure in other areas means pretty seamless integration experiences across the board. Overall, very pleased with the AAD experience.

AzureAD is a very reliable and quick to setup service, If you have:

1. Active Directory as your on-premises domain service
2. Plan to use a cloud-based productivity service such as Microsoft 365
3. Have any Azure-resources
4. Use Microsoft Teams
5. Need to have a familiar interface with familiar tools and extensive documentation
6. Want to reduce the number of IAM Solutions you are using

Then AzureAD is definately your choice, it supports all the above and is very flexible and relatively simple to get up to speed quickly

However, if you plan to use cloud services from other providers such as Google, then you might consider other options or preferrably use Google Cloud Directory for that matter, AzureAD is tailored for businesses who have capitialized many of their IT Investments in the Microsoft Ecosystem and therefore, serves them the most.

Microsoft's Azure Active Directory works flawless with other Microsoft products, which of course is logical. Because I work the most with Microsoft's 365 Business Central, I really like the way BC integrates with Azure AD for verification of the BC users. For users it is also convenient, as they only have to remember 1 set of credentials.

If you need a large scale to small scale identity management system AzureAD is a good solution. AzureAD can have all the complexity you need or if you just need the basics that is there too.

Our company is extremely satisfied with using Azure Active Directory to store and give multiple access levels to all users by the use of Active Directory. We love that since it's a Microsoft product, it can be easily integrated with other Microsoft products like SharePoint without the use of 3rd party connectors for integration. We have an enterprise account with Microsoft, so the price point for hundreds of AD users is also low.