Help protect your users and data
Azure Active Directory (Azure AD), part of Microsoft Entra, is an enterprise identity service that provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks.
Single sign-on simplifies access to your apps from anywhere
Conditional access and multifactor authentication help secure data
A single identity control plane grants full visibility and control of your environment
Governance ensures the right people have access to the right resources, and only when they need it
Get secured, adaptive access
Help protect access to resources and data using strong authentication and risk-based adaptive access policies without compromising the user experience.
Offer seamless user experiences
Provide a quick and easy sign-in experience to keep your users productive, reduce time managing passwords, and minimize friction.
Unify identity management
Centrally manage all your identities and access to your applications, whether they're in the cloud or on premises, to improve visibility and control.
Simplify identity governance
Help ensure that only authorized users have access to apps and data for users and admins with efficient automated identity governance.
Unify your identity infrastructure management
Simplify the experience of managing and securing your entire identity infrastructure—including Azure AD—with the Microsoft Entra admin center.
Comprehensive security and compliance, built in
Microsoft invests more than USD1 billion annually on cybersecurity research and development.
We employ more than 3,500 security experts who are dedicated to data security and privacy.
Find the pricing option that fits your needs
Azure Active Directory is available in four editions—one free, one included with Microsoft 365 subscriptions, and two premium plans for advanced enterprise, threat protection, and governance needs.
Get started with an Azure free account
After your credit, move to pay as you go to keep building with the same free services. Pay only if you use more than your free monthly amounts.
Trusted by companies of all sizes and industries
Azure Active Directory resources and documentation
Frequently asked questions about Azure Active Directory
Conditional access is an Azure AD capability that lets you automate access controls based on certain user conditions. Conditional access policies are enforced after the first-factor authentication has been completed. It's not intended as a first-line defense for scenarios like denial-of-service (DoS) attacks, but it uses signals from these events to determine access.
Implement single sign-on for your hybrid environment by adopting cloud authentication like password hash synchronization. With Azure AD Premium tiers, you also get health monitoring for your on-premises identity infrastructure and synchronization services.
Azure AD is the built-in solution for managing identities in Microsoft 365 and Azure. Add and configure any application with Azure AD to centralize identity and access management and better secure your environment. Configure single sign-on and automated provisioning depending on your application’s capabilities and your preferences. Learn how to configure single sign-on for a non-gallery application and how to use SCIM to automatically provision users and groups.
Yes. Azure AD supports several standardized protocols for authentication and authorization, including SAML 2.0, OpenID Connect, OAuth 2.0, and WS-Federation. It also supports password vaulting and automated sign-in capabilities for apps that support only forms-based authentication. Learn more about authentication scenarios and protocols, and single sign-on for applications.