Solid identity management solution for companies working in the Microsoft ecosystem
August 12, 2025
Solid identity management solution for companies working in the Microsoft ecosystem
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Entra ID
We leverage Microsoft Entra ID Premium as our primary identity and access management solution. Our implementation serves as the central authentication hub for our cloud ecosystem. We use Microsoft Entra ID as SSO to our CRM, ITSM and other core tools. We also utilize many security features of Entra ID. These include for example conditional access policies and enforcing MFA to our users. Most of our customers are also involved in our Microsoft Entra ID directory as guest users.
Pros
- SAML-based sign-in that is supported for almost all other SaaS-services
- Security features like MFA and conditional access policies
- Hybrid infrastructure management and support
- Automation possibilities with Powershell scripts
Cons
- For larger organizations the policy management user interface gets complex
- Security group nesting limitations - you cannot always nest groups within groups depending on the group types and use case
- Price gets high if you need the enterprise or P2 premium licenses
- We have automated the user creation and disablements and save continuously of administrative time each time a new employees come in or employees leave.
- We have centralized identity management so that we can easily allow/deny access to most of our SaaS-software. This gives better security posture and saves time in baic user management tasks.
- Employee productivity is good when they can use the same account almost everywhere and are familiar using it to login.
We have a hybrid environment with on-premises AD. The on-premise AD is used mainly to login to the user laptops and file share access. All identities are synced automatically to the cloud (Microsoft Entra ID). Microsoft Entra ID is the primary authentication for M365 and all other SaaS applications that we use. Microsoft Entra ID is also used to mobile device management (Intune) where the devices and users are registered automatically.
Yes, we have multiple SaaS applications (CRM, ERP, ticketing system, etc.) and we always use Microsoft Entra ID to login to these. We can set application specific allow-rules or policies. SAML2 is used in most cases. There are usually instructions by the SaaS-providers how the integration/deployment can be done.
Our CRM system, our ERP, our ITSM system, learning portal, IT administrative tools.
Microsoft Entra ID has evolved quickly and for administrative users it is sometimes difficult when there are multiple ways/user interfaces (legacy and new) for doing things. Sometimes the legacy things depreciate and all the sudden admins need to do something manually to keep the system up to date instead of Microsoft doing these changes automatically for the admins.
Microsoft Entra ID is not as stand-alone product as competitors like Okta. It may lack some of the features that competing products have but on the other hand it integrates both technically and license wise with other Microsoft cloud services and is easy to deploy. It is also the easiest way to extend identity management to the cloud if you already have Microsoft Active Directory in use.
Do you think Microsoft Entra ID delivers good value for the price?
Yes
Are you happy with Microsoft Entra ID's feature set?
Yes
Did Microsoft Entra ID live up to sales and marketing promises?
Yes
Did implementation of Microsoft Entra ID go as expected?
Yes
Would you buy Microsoft Entra ID again?
Yes
Comments
Please log in to join the conversation