Skip to main content
TrustRadius
Microsoft Entra ID

Microsoft Entra ID
Formerly Microsoft Azure Active Directory

Overview

What is Microsoft Entra ID?

Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and…

Read more
Recent Reviews
Read all reviews

How Microsoft Entra ID Differs From Its Competitors

Deployment

Yes, we do have an on-prem Azure AD Forest with multiple Organizational Units and a concise set of domain controllers as well. When it comes to cloud presence, we are currently only living in Azure with almost 500-600 users and almost 700 devices (since we also allow a chunk of users with BYOD …
Continue reading

Multi-App Security

This is on use basis, and we usually manage this for our clients and not much for our internal tenant. This is usually done when required as a proof-of-concept exercise or as a temporary collaboration scenario. Until now the scope of this particular usage scenario has been limited and small.
There …
Continue reading

End User Experience

It is difficult for me to compare Microsoft Entra ID to any other IDP because I have been working with Microsoft Entra ID only from the past 3 years. Although, I have seen it evolved and simplify user experience of its own through this time. With the addition of MFA, SSPR, conditional access, PIM, …
Continue reading

Deployment

Our organization uses Microsoft Entra ID to manage user identities in both on-site and cloud environments. This helps to ensure secure and easy user access through biometric and multi-factor authentication methods. It links with our on-site Active Directory and also works with cloud-based …
Continue reading

Multi-App Security

Our company uses Microsoft Entra ID to secure all of our software resources, including both Microsoft and non-Microsoft applications. Microsoft Entra ID's flexibility allows us to extend its security features to a variety of SaaS applications, ensuring strong and dependable authentication. This …
Continue reading

End User Experience

Microsoft Entra ID has significantly improved the user experience, allowing easy and secure access to business systems. By leveraging biometric and multi-factor authentication (MFA), users can enjoy a seamless and secure login process. The convenience of facial recognition and fingerprint scanning …
Continue reading

Deployment

We have a hybrid deployment. We have been migrating everything we can to the cloud, but are not completely off prem yet. Some of our holdups are shared mailboxes and SharePoint migrations.
Continue reading

Multi-App Security

We do use Microsoft Entra ID to secure various applications when possible. This is our preferred setup.
We have a few software vendors that allow us to setup SSO with SAML for authentication into their applications. We also have some internal applications (manage engine being one) that also use …
Continue reading

End User Experience

The user experience has been great. There were a few growing pains during the implementation, but now everyone enjoys using it and the benefits overshadow the initial headaches.
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Multi-Factor Authentication (85)
    9.1
    91%
  • ID Management Single-Sign On (SSO) (85)
    9.0
    90%
  • ID-Management Access Control (84)
    8.8
    88%
  • Password Management (81)
    8.2
    82%

Reviewer Pros & Cons

View all pros & cons
Verified User
General Manager in Information Technology
Automotive Company, 1001-5000 employees
Verified User
Consultant in Information Technology
Information Technology & Services Company, 51-200 employees
Return to navigation

Pricing

View all pricing

Premium P1

$6.00

Cloud
per user/per month

Premium P2

$9.00

Cloud
per user/per month

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.microsoft.com/en…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

AD FS to Microsoft Entra | How to migrate cloud apps

YouTube

Microsoft Entra ID Beginner's Tutorial (Azure Active Directory)

YouTube

Introducing Microsoft Entra

YouTube
Return to navigation

Features

Identity Management

Identity management software manages information about the identity of software users and controls access to corporate resources

8.6
Avg 8.1
Return to navigation

Product Details

What is Microsoft Entra ID?

Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

Microsoft Entra ID safeguards organizations with a cloud identity and access management solution that connects employees, customers, and partners to their apps, devices, and data. Features include:

  • Secure adaptive access: Protects access to resources and data using strong authentication and risk-based adaptive access policies without compromising user experience.
  • Seamless user experiences: Provides an easy sign-in experience across a multicloud environment to keep users productive, reduce time managing passwords, and increase productivity.
  • Unified identity management: Manages identities and access to all applications in a central location, whether they’re in the cloud or on-premises, to improve visibility and control.


What is Microsoft Entra ID?
What is Conditional Access in Microsoft Entra ID?
What is Microsoft Entra ID Protection?


Microsoft Entra ID Features

Identity Management Features

  • Supported: ID-Management Access Control
  • Supported: ID Management Single-Sign On (SSO)
  • Supported: Multi-Factor Authentication
  • Supported: Password Management
  • Supported: Account Provisioning and De-provisioning
  • Supported: ID Management Workflow Automation
  • Supported: ID Risk Management

Microsoft Entra ID Video

Authentication fundamentals: The basics | Azure Active Directory

Microsoft Entra ID Competitors

Microsoft Entra ID Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Microsoft Entra ID Downloadables

Frequently Asked Questions

Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

JumpCloud are common alternatives for Microsoft Entra ID.

Reviewers rate Multi-Factor Authentication highest, with a score of 9.1.

The most common users of Microsoft Entra ID are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(376)

Attribute Ratings

Reviews

(1-8 of 8)
Companies can't remove reviews or game the system. Here's why
November 04, 2023

An end-to-end user and identity management solution

Yash Mudaliar | TrustRadius Reviewer
Yash Mudaliar
Associate Lead Security Admin
Atidan (Information Technology & Services, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Microsoft Entra ID (formerly called as Azure Active Directory) is the being used as an identity provider in my organization. Ideally the business problem that it solves is the management of user accounts and access management for those users. Beyond this, our use case also involves using Entra for access reviews, privileged identity management, group management, device management, application identity management, enabling business collaborations and customer identity management and identity protection.
Pros and Cons
  • The most used and useful feature is 'Privileged Identity Management' which helps us to not only limit the assignment of privileged roles but also to monitor and regulate the assignments with a variety of filters.
  • 'Conditional Access' is another feature which can be marked as one of USPs of Microsoft Entra ID. The kind of granularity and security that this feature allows is something that prevent a lot of attacks on the identity perimeter.
  • I personally love the simplicity and security of the 'Cross-tenant synchronization' feature of Microsoft Entra ID. It makes the collaboration process easier without making any compromises in the security aspect.
  • While a very popular feature, but I feel 'Identity Protection' has some improvement scope like improving the delay of alert triggering, provide more details on the suspicious activities and possibly through a simpler UX.
  • I think 'Identity Secure Score' dashboard should have some more detailed informational view instead of just providing some generic best practices and then re-directing to the M365 Defender portal.
  • 'Per-User MFA' should now either be deprecated or else should now be re-branded and re-worked to support conditional access policies specifically for combined registration policies.
Likelihood to Recommend
Scenario 1: The most obvious would be if the org. has Azure presence with or without an on-premises AD instance. Scenario 2: Even from an SSO point-of-view, Microsoft Entra ID would be a great choice to be opted as an Identity Provider. Scenario 3: If the org. has a wide global footprint and wants to ensure a secure identity and access management platform that can prevent real time attacks without compromising user experience. Scenario 4: If the org. has both B2B and B2C collaboration scenarios.
October 05, 2023

Fortifying Business Security with Seamless Authentication

CB
Caridad Buenaventura
Senior Financial Analyst
Financials Euro Spain (Financial Services, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We implemented Microsoft Entra ID, which made authentication faster and increased business security. This innovative program ensures secure access to sensitive financial data by addressing significant business challenges and improving our financial operation's efficiency and security. It strengthens financial security and streamlines authentication procedures.
Pros and Cons
  • Microsoft Entra ID's biometric authentication improves security and streamlines user access through facial recognition and fingerprint scanning, which are reliable and practical.
  • Users can easily confirm their identities using biometrics, smart cards, or PINs, increasing security without disrupting business operations.
  • Microsoft Entra ID provides us with a thorough security comprehension by allowing us to effectively manage user identities, regulate access entitlements, and track authentication events.
  • Initial deployment and configuration may require careful preparation and experience.
  • The program may require a lot of resources, particularly during heavy traffic.
  • Additionally, we occasionally encountered compatibility issues with outdated systems, necessitating further adaptations for seamless integration.
Likelihood to Recommend
It reduces the risk of fraud by ensuring that only authorized individuals can approve important transactions through biometric authentication. In an era of remote work, the software's MFA features have been incredibly beneficial. It allows our remote workers to securely and easily access financial systems and data from anywhere. Microsoft Entra ID is effective in controlling access, permitting only authorized individuals to view private financial data and systems.
August 30, 2023

One identity (aka Microsoft Entra ID)

Verified User
Manager in Information Technology
Health, Wellness and Fitness Company, 10,001+ employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use Microsoft Entra ID for our users when accessing company applications and services and it allows seamless SSO authentication. We've also incorporated authentication with several Software as a Service (SaaS) applications, providing a centralized approach to identity management. We have also implemented multi-factor authentication using Microsoft Entra ID.
Pros and Cons
  • Multi-factor authentication integration
  • Active Directory federation services works very well with on-prem AD
  • Integrated very well with other Microsoft tools (Office 365, Outlook, SharePoint, etc.)
  • Organization of the homepage/portal seems to change a lot
  • Security reporting could be setup to be more intuitive
  • The application proxy setup can be easier to setup and understand
Likelihood to Recommend
Setting up MFA has been one of the best things we implemented throughout our organization, and it used with numerous applications.
We also use the federation services a tremendous amount to synchronize with our on-prem environment.

Some of the application proxy setups don't work very well with some of our internal applications and information to help troubleshoot is difficult to find.
February 01, 2023

Review of Microsoft Authenticator

Kamran Liaqat | TrustRadius Reviewer
Kamran Liaqat
Manager
PC Mall Services (Information Technology & Services, 501-1000 employees)
Score 8 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
To authenticate our communication systems like outlook , VP, team.
Pros and Cons
  • Microsoft Authenticator also supports passwordless login options
  • fingerprint and facial recognition
  • support of Azure Active Directory
  • ability to use the app to generate one-time passcodes, as well as push notifications
  • the app can be difficult to use and navigate
  • Microsoft Authenticator currently only supports a limited number of languages
  • Microsoft Authenticator is only available on mobile devices, it does not have a web version or a desktop app
Likelihood to Recommend
Microsoft Authenticator is well-suited for scenarios where strong, two-factor authentication is required. This includes situations where users need to access sensitive or personal information, such as online banking or email accounts. It is also well-suited for use in enterprise environments, where administrators can use the app to secure employee access to company resources and data.On the other hand, scenarios where Microsoft Authenticator may be less appropriate include those where users need to access resources from multiple devices or platforms. Since Microsoft Authenticator is primarily a mobile app, it may not be the best option for users who primarily use computers or other devices. Additionally, scenarios where users need to authenticate to a wide range of services, apps, or websites that do not support Microsoft Authenticator may not be well suited.It's also less appropriate for scenarios where users are not comfortable using mobile devices or apps, or if users are in areas with poor mobile network coverage, as it may not be able to provide a smooth authentication process.
May 08, 2021

Easily manage enterprise applications with Azure AD

Verified User
Engineer in Engineering
Information Services Company, 501-1000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Azure Active Directory is being used across the entire organization. Azure AD allows us to manage access/permissions for various applications, resources, etc.
Pros and Cons
  • UI - The user interface for configuring items within Azure AD is great.
  • CLI - Interacting with the Azure CLI for Azure AD is the same great well documented experience as other interactions with the Azure CLI. Functionality is solid, documentation is great to explain different use cases with the CLI, and overall the ease of use is fantastic.
  • Configuration Documentation: There's evidently been changes to Azure AD improving the platform but in making these changes it's incredibly difficult to find solid step by step instructions to implement Azure AD for given SaaS apps for example. This isn't necessarily Microsoft's fault, as documentation drift happens everywhere, but even within Microsoft's own documentation there are discrepancies. It makes setting up AAD on an application potentially more difficult than it needs to be.
  • Multi Account Difficulties: If you have multiple accounts tied to AAD (like a school account and a work account for example) it's incredibly difficult to sign in on both. Heaven help you if you forget to open a private browsing tab to sign in to the different account. You'll spend a non-zero amount of time trying to sign back in to your other account.
Likelihood to Recommend
The entire experience of using a full suite of Azure products has been a great one. Everything is well integrated. CLI access is feature full and often times well documented. Additionally, leveraging azure in other areas means pretty seamless integration experiences across the board. Overall, very pleased with the AAD experience.
May 07, 2021

Tight integration, simple management and a feature-rich experience is what AzureAD promises and delivers

Verified User
Manager in Information Technology
Information Technology & Services Company, 201-500 employees
Score 10 out of 10
Vetted Review
ResellerIncentivized
Use Cases and Deployment Scope
We are service provider and an ISV, we build and customize software and deliver IT Solutions to our customers, we needed an identity and access management solution that is widely compatible with our application infrastructure as well as allows us to integrate content across tenants, we also wanted a unified and simplified IAM experience for our internal users, our customers and contractors.

AzureAD was definately the optimial option, it allowed us to unify our IT administration experience through tightly integrated capabilities, and simplified synchronization of objects from On-Premises Active Directory, additionally, most of our online services for internal users are on Microsoft 365, in such scenarios, AzureAD is absolutly the best choice for our organization.

It scaled nicely as the company grows, and offers RBAC, Conditional Access and Privileged Identity Management, it also supports most of the common authentication scenarios and protocols that we require in our business, we are very much satisfied with how AzureAD works and it is definately a reliable and flexible IAM solution.
Pros and Cons
  • Conditional Access in AzureAD is great and works very well
  • Integration with Intune, Microsoft 365 and other Microsoft Cloud Services is unmatching
  • Simple user management from the Portal
  • Sign-ins behavioral monitoring and user risk detection is a top security need
  • Many features are added every now and then and its relatively easy to enable them organization-wide
  • The Multi-Factor Authentication Portal still uses the old Azure Interface that is over 7 years old, it's exceedingly difficult to manage MFA enablement for substantial number of users
  • Some limitations in the portal such as user retrieval is limited, making selecting multiple objects difficult
  • The AzureAD Sync client is particularly useful but requires advanced technical skills to troubleshoot if anything goes wrong
  • Certain security features which I believe are considered essential are only part of the Premium 2 license, such as Risk Detection and Investigation, Microsoft should try to make Plans more tailored into other features (For example limit on objects, app registration, branding, and make security features an essential part of any AzureAD Plan.
Likelihood to Recommend
AzureAD is a very reliable and quick to setup service, If you have:
  1. Active Directory as your on-premises domain service
  2. Plan to use a cloud-based productivity service such as Microsoft 365
  3. Have any Azure-resources
  4. Use Microsoft Teams
  5. Need to have a familiar interface with familiar tools and extensive documentation
  6. Want to reduce the number of IAM Solutions you are using
Then AzureAD is definately your choice, it supports all the above and is very flexible and relatively simple to get up to speed quickly

However, if you plan to use cloud services from other providers such as Google, then you might consider other options or preferrably use Google Cloud Directory for that matter, AzureAD is tailored for businesses who have capitialized many of their IT Investments in the Microsoft Ecosystem and therefore, serves them the most.
April 07, 2021

You will be hard pressed to find a better cloud identity provider than Microsoft Azure Active Directory

CR
Caleb Reinhardt
CIO (Chief Information Officer)
Calloway Co School District (Primary/Secondary Education, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use M365 within our school district, and as such, Microsoft Azure Active Directory is our cloud identity provider for all our user accounts (faculty, staff, and students). Ultimately, we are a hybrid Microsoft Azure Active Directory environment, with an on-prem Active Directory that syncs to local objects to Azure. This synchronization helps address the need for cloud-based access to resources that would otherwise be unavailable if we were solely working from an on-prem Microsoft Azure Active Directory environment. We have considered moving all our users and devices to being 100% cloud based; however, the current Microsoft Azure Active Directory infrastructure we are a part of (multi-domain forest) is not currently suited to support that transition at this time.
Pros and Cons
  • Conditional Access -- this is one of the biggest tools that any admin needs when it comes to securing when, where, and how users are accessing information. Especially if the information contains sensitive data types.
  • Multi-factor Authentication -- we have all our employees configured for MFA. This is incredibly easy to configure with Azure, as well as defining when MFA should be used through Conditional Access.
  • Audit Logs -- being able to track and identify a user's activity is pretty critical, especially when in incident response mode.
  • Complexity --Microsoft Azure Active Directory isn't exactly for the faint of heart.
  • Management -- some bulk management tasks need to be run through PowerShell...if you don't know PowerShell (and you should) then this could be problematic.
  • Needs assessment -- the licensing structure for Azure AD might be difficult to understand given the breadth of features available. For example, Azure Active Directory P1 will differ from Azure Active Directory P2, but what does that mean and is it applicable to your organization? Is it necessary to have P2 over P1 to accomplish your business goals?
Likelihood to Recommend
I think that Microsoft Azure Active Directory is going to be applicable to any organization that needs a cloud identity solution and they have more than a handful of employees and users. Licensing could be problematic to figure out, and bundling the Microsoft Azure Active Directory license with an M365 subscription is probably the route to take. However, I would not recommend this product to an organization with an IT administrator who is not strong technically. In this case, it might be better managed by an MSP.

The reality is that Microsoft Azure Active Directory is one part of a suite of products and it is sometimes hard to look at it without understanding how it interacts with the other tools in the suite. If we take this into consideration, then Microsoft Azure Active Directory is the backbone for providing a cloud-based user identity and security solution that will be applicable under any circumstance.
September 24, 2019

Azure Active Directory works well to securely move into the cloud

Jane Updegraff | TrustRadius Reviewer
Jane Updegraff
Senior Systems Administrator
DRT Holdings, Inc. (Aviation & Aerospace, 501-1000 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
My company uses Active Directory across the entire enterprise, which is probably the most common way that it's used. It's used to maintain a directory of users, groups, computers, service accounts and other resources, it is also used to authenticate those users and machines to the network, and to permit them access to network resources based on the individual user's or computer's permissions and group memberships. Active Directory acts as our primary resource management tool. It's where we store the identities of people and things that allow us to quickly create things like access control lists for data and network segments.
Pros and Cons
  • Azure Active Directory is very at maintaining user and computer data in a fully-replicated database.
  • Azure Active Directory is very good at notifying administrators whenever there is a problem with the AD database content or replication.
  • In my opinion, Azure Active Directory's dashboard pages are way too busy and difficult to navigate.
  • Azure Active Directory doesn't handle duplicate attributes in user accounts very well.
  • Azure Active Directory pesters the admin to buy additional features by cluttering up the GUI with "suggestions" that you can't remove from the dashboard.
Likelihood to Recommend
Azure AD is actually required for Office 365 to work, so obviously you won't have a choice about whether or not it is well-suited unless you want to skip Office 365 completely. But it's actually a good standalone AD solution for when you don't want to own any infrastructure at all. That's because AAD is hosted by Microsoft in their commercial cloud, Azure. You could hypothetically build all a full corporate directory against which to authenticate without having to own a single server.

I would not advise using AAD as your network directory as a standalone solution, however. You would need to have at least one on-premise AD domain controller with a full copy of the directory, at all times. This is required because Azure Active Directory operates in the cloud, meaning it is reached by way of the internet. If any site were to become disconnected from the internet for any reason, and if there is NOT a local copy of the directory on a domain controller that the users and computers can reach from their devices, no one would be able to authenticate to any resources until connectivity is restored.
Return to navigation