Microsoft Azure Active Directory (Azure AD)
A Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management service that provides directory services, application access management, and identity protection to help secure access to applications and resources across cloud and on-premises environments.
- Context:
- It can provide single sign-on (SSO) to simplify access to applications on-premises and in the cloud.
- It can integrate with Microsoft Office 365, Azure, and thousands of other SaaS applications.
- It can support multi-factor authentication (MFA) for enhanced security.
- It can manage and secure mobile devices, apps, and users' identities using Azure AD Conditional Access.
- It can enable B2B (business-to-business) collaboration by allowing secure sharing of apps and services with guest users from any organization.
- It can support B2C (business-to-consumer) scenarios through Azure AD B2C, a customer identity and access management solution.
- It can provide comprehensive reporting and monitoring through security reports and audit logs to help protect user identities.
- It can offer identity governance features such as entitlement management, privileged identity management, and access reviews to ensure the right users have the right access to resources.
- ...
- Example(s):
- ...
- Counter-Example(s):
- AWS Identity and Access Management (IAM), which focuses on securely controlling access to AWS services and resources.
- Google Cloud Identity and Access Management (IAM), which allows administrators to manage access control by defining who (identity) has what access (roles) to which resources.
- an On-Premises Active Directory (AD) that manages user identities and access within a corporate network without cloud integration.
- LDAP (Lightweight Directory Access Protocol) directories that do not provide cloud-based identity and access management features.
- See: Cloud Security, Identity Provider, Single Sign-On, Multi-Factor Authentication, Identity Governance.