Microsoft Entra ID documentation
Microsoft Entra ID documentation
https://learn.microsoft.com/en-us/entra/identity/
Embedded Files
What is Microsoft Entra ID?
Manage user identities and control access to your apps, data, and resources.
Authentication
Configure sign-in methods and security features like self-service password reset and multifactor authentication.
Application management
Develop, add, or connect an app to Microsoft Entra ID and manage access.
Role-based access control
Manage administrator permissions and apply the principle of least privilege using Microsoft Entra role-based access control.
Overview of role-based access control in Microsoft Entra ID
Microsoft Entra ID supports two types of roles definitions:
Administrative units in Microsoft Entra ID
Create or delete administrative units
Restricted management administrative units in Microsoft Entra ID
User management
Manage users and groups, assign licenses, and manage domain names.
How to create, invite, and delete users
Group types, membership types, and access management
Group types
Security groups
Microsoft 365 groups
Membership types
Assigned groups
Dynamic membership group for users
Dynamic membership group for devices
Assignment types
Direct assignment
Group assignment
Rule-based assignment
External authority assignment
Conditional Access
Control access to resources by enforcing policies based on user, location, device, and more.
Common signals
Common decisions
Commonly applied policies
Admin experience
License requirements
Using this feature requires Microsoft Entra ID P1 licenses.
Device identity
Register and join devices to Microsoft Entra ID for device management and Condition Access.
There are three ways to get a device identity:
Microsoft Entra registration
Microsoft Entra join
Microsoft Entra hybrid join
Hybrid identity
Create a user identity that can access both on-premises and cloud resources.
Application provisioning
Create and manage user identities in applications by provisioning from Microsoft Entra ID.
What is app provisioning in Microsoft Entra ID?
What is SCIM?
Manual vs. automatic provisioning
Benefits of automatic provisioning
What applications and systems can I use with Microsoft Entra automatic user provisioning?
How do I set up automatic provisioning to an application?
Configure SAP SuccessFactors to Active Directory user provisioning
Solution Architecture
Authoritative HR Data Flow – from SuccessFactors to on-premises Active Directory
Email Writeback Flow – from on-premises Active Directory to SuccessFactors
Application proxy
Provide secure remote access and cloud scale security to your private applications.
Managed identities for Azure resources
Create an application identity that can connect to resources using Microsoft Entra authentication.
Application integration
Integrate cloud-enabled, software as a service (SaaS) apps with Microsoft Entra ID.
Monitoring and health
Use logs and reports to determine usage of your apps and services, detect risks, and troubleshoot issues.
What is Microsoft Entra monitoring and health?
Identity activity logs
Audit logs include the history of every task performed in your tenant.
Sign-in logs capture the sign-in attempts of your users and client applications.
Provisioning logs provide information around users provisioned in your tenant through a third party service.
Multitenant organizations
Collaborate across tenants within your organization.
Domain services
Move legacy apps to managed domains in the cloud while preserving user accounts, groups, and access.
Azure Active Directory B2C
Business to consumers identity and access management for your app
Microsoft Entra ID Governance
Identity governance increases employee productivity and helps meet compliance and regulatory requirements.
Google Sites
Report abuse