Azure Active Directory (AD)
Your universal platform to manage and secure identities
Protect your business with a universal identity platform
The Azure Active Directory (Azure AD) enterprise identity service provides single sign-on and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks.
Single sign-on simplifies access to your apps from anywhere
Conditional Access and multi-factor authentication help protect and govern access
A single identity platform lets you engage with internal and external users more securely
Developer tools make it easy to integrate identity into your apps and services
Choose from thousands of SaaS apps
Simplify single sign-on. Azure AD supports more than 2,800 pre-integrated software as a service (SaaS) applications.
Browse the Azure Marketplace
Connect your workforce
Give users seamless access to your apps from any location, on any platform, with single sign-on. Automate workflows for user lifecycle and provisioning. Save time and resources with self-service management.
Learn more about single sign-on
Protect and govern access
Safeguard user credentials by enforcing strong authentication and conditional access policies. Efficiently manage your identities by ensuring that the right people have the right access to the right resources.
Learn more about security and governance
Engage with your customers and partners
Get flexible, scalable identity and access management for external users with one identity provider. Customize user journeys and simplify the authentication process for accessing applications.
Learn more about external user access
Integrate identity into your apps
Accelerate adoption of your application in the enterprise by supporting single sign-on and user provisioning. Reduce sign-in friction and automate the creation, removal, and maintenance of user accounts.
Learn more about identity integrationWhy trust Azure Active Directory?
- Microsoft invests over USD1 billion annually on cybersecurity research and development.
- Microsoft employs more than 3,500 security experts focused on securing your data and privacy.
- Azure has more certifications than any other cloud provider. View the comprehensive list.
- Azure AD manages more than 1.2 billion identities and processes over 8 billion authentications every day.
Pricing for the universal identity and access management service
Azure AD offers built-in conditional access and security threat intelligence for all your users. Explore the pricing options to find the version that fits your needs.
Get started with Azure AD
Getting started resources
Azure AD resources
Identity for IaaS
Developer resources
Quickstarts and tutorials
Explore the Microsoft identity platform documentation for quickstarts, tutorials, and guides on how to add authentication to your applications and services.
Microsoft Graph
Learn how to use Microsoft Graph REST APIs to programmatically manage and access data in Azure AD.
Identity standards and protocols
Read the Identity Standards Blog to learn more about standards and protocols such as FIDO2, OAuth, OpenID Connect, and Security Assertion Markup Language (SAML).
Trusted by companies of all sizes and industries
Read the story"Walmart's cybersecurity team initially was skeptical about the security of the public cloud. As they learned more about Microsoft security features, their trust in Azure AD grew and they were able to apply custom security policies."
Read the story"Using Azure AD and SAML protocols, Zscaler provided single sign-on for its customers so they could access any app. The company also automated its user provisioning process to give employees faster access to critical applications."
Read the story"Using…Cloud App Security and Azure AD helps us detect unusual patterns of behavior…and enforce user access, granting it only to devices and locations that we know are right."
Chris Eaton, Director, Security Strategy and Architecture, BP
Read the story"Uniper employees get secure and convenient access to on-premises and cloud apps from the same portal through Azure AD application proxy and single sign-on. Multi-factor authentication via a conditional access policy enhances the user experience."
Read the story"We assessed our customers' needs for tighter security and seamless access, and that's exactly what Azure AD offers. [It's] so popular with enterprise customers, it's a must-have."
Elina Papernaya, Senior Partnerships and Business Development Manager, monday.com
Read the story"Amtrak needed a solution to connect its large number of mobile workers to the wider enterprise. The company used Azure AD for identity and access management and for multi-factor authentication."
Azure AD updates, blogs, and announcements
-
UPDATE
Secure hybrid access to apps behind existing F5 infrastructure
-
UPDATE
Configure Azure AD as the trusted corporate identity provider in SAP Identity Authentication Service
-
September 16, 2019
Announcing user delegation SAS tokens preview for Azure Storage Blobs
Chris Brooks, Principal PM Manager, Microsoft Azure Storage
-
UPDATE
Cloud backup and recovery for the Microsoft Authenticator app on Android
-
UPDATE
Custom OpenID Connect identity providers for user flows in Azure AD B2C
-
UPDATE
Pass through an identity provider's access token in Azure AD B2C
-
UPDATE
Azure AD Application Proxy integration with the Power BI Mobile application
-
UPDATE
Custom roles for app registration management
-
UPDATE
Azure AD Application Proxy support for single sign-on to SAML-based applications.
Frequently asked questions about Azure AD
-
Azure AD receives ongoing improvements. Stay up to date with the most recent developments by reading our monthly updates, or see the product announcements on the Azure Active Directory Identity Blog.
-
We guarantee at least 99.9 percent availability of Azure Active Directory Premium services. See the full SLA.
-
Conditional access is a capability of Azure AD that lets you implement automated access-control decisions for accessing your cloud apps based on conditions. Conditional access policies are enforced after the first-factor authentication has been completed. It’s not intended as a first-line defense for scenarios like denial-of-service (DoS) attacks, but it uses signals from these events to determine access.
-
Implement single sign-on for your hybrid environment by configuring password hash synchronization or using federation solutions such as Active Directory Federation Services. With Azure AD Premium, you also get health monitoring for your on-premises identity infrastructure and synchronization services.
-
Azure AD is the built-in solution for managing identities in Office 365. Add and configure any application with Azure AD to centralize identity and access management and better secure your environment. Configure SSO and automated provisioning depending on your application’s capabilities and your preferences. Learn how to configure single sign-on for a non-gallery application and how to use SCIM to automatically provision users and groups.
-
Yes. Azure AD supports several standardized protocols for authentication and authorization, including SAML 2.0, OpenID Connect, OAuth 2.0, and WS-Federation. It also supports password vaulting and automated sign-in capabilities for apps that support only forms-based authentication. Learn more about authentication scenarios and protocols, and SSO for applications.