Azure Active Directory (Azure AD)
Synchronize on-premises directories and enable single sign-on
Protect your business with a universal identity platform
The Azure Active Directory (Azure AD) enterprise identity service provides single sign-on and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks.
Single sign-on simplifies access to your apps from anywhere
Conditional Access and multi-factor authentication help protect and govern access
A single identity platform lets you engage with internal and external users more securely
Developer tools make it easy to integrate identity into your apps and services
Connect your workforce
Whether people are on-site or remote, give them seamless access to all their apps so they can stay productive from anywhere. Automate workflows for user lifecycle and provisioning. Save time and resources with self-service management.
Choose from thousands of SaaS apps
Simplify single sign-on. Azure AD supports thousands of pre-integrated software as a service (SaaS) applications.
Protect and govern access
Safeguard user credentials by enforcing strong authentication and conditional access policies. Efficiently manage your identities by ensuring that the right people have the right access to the right resources.
Engage with your customers and partners
Secure and manage customers and partners beyond your organizational boundaries, with one identity solution. Customize user journeys and simplify authentication with social identity and more.
Integrate identity into your apps
Accelerate adoption of your application in the enterprise by supporting single sign-on and user provisioning. Reduce sign-in friction and automate the creation, removal, and maintenance of user accounts.
Why trust Azure Active Directory?
- Microsoft invests over USD 1 billion annually on cybersecurity research and development.
- Microsoft employs more than 3,500 security experts focused on securing your data and privacy.
- Azure has more certifications than any other cloud provider. View the comprehensive list.
- Azure AD manages more than 1.2 billion identities and processes over 8 billion authentications every day.
Pricing for the universal identity and access management service
Azure AD offers built-in conditional access and security threat intelligence for all your users. Explore the pricing options to find the version that fits your needs.
Get started with Azure AD
Getting started resources
Azure AD resources
Identity for IaaS
Developer resources
Quickstarts and tutorials
Explore the Microsoft identity platform documentation for quickstarts, tutorials, and guides on how to add authentication to your applications and services.
Microsoft Graph
Learn how to use Microsoft Graph REST APIs to programmatically manage and access data in Azure AD.
Identity standards and protocols
Read the Identity Standards Blog to learn more about standards and protocols such as FIDO2, OAuth, OpenID Connect, and Security Assertion Markup Language (SAML).
Trusted by companies of all sizes and industries
Read the story"Walmart's cybersecurity team initially was skeptical about the security of the public cloud. As they learned more about Microsoft security features, their trust in Azure AD grew and they were able to apply custom security policies."
Read the story"Using Azure AD and SAML protocols, Zscaler provided single sign-on for its customers so they could access any app. The company also automated its user provisioning process to give employees faster access to critical applications."
Read the story"Using…Cloud App Security and Azure AD helps us detect unusual patterns of behavior…and enforce user access, granting it only to devices and locations that we know are right."
Chris Eaton, Director, Security Strategy and Architecture, BP
Read the story"Uniper employees get secure and convenient access to on-premises and cloud apps from the same portal through Azure AD application proxy and single sign-on. Multi-factor authentication via a conditional access policy enhances the user experience."
Read the story"We assessed our customers' needs for tighter security and seamless access, and that's exactly what Azure AD offers. [It's] so popular with enterprise customers, it's a must-have."
Elina Papernaya, Senior Partnerships and Business Development Manager, monday.com
"Amtrak needed a solution to connect its large number of mobile workers to the wider enterprise. The company used Azure AD for identity and access management and for multi-factor authentication."
Frequently asked questions about Azure AD
-
Azure AD receives ongoing improvements. Stay up to date with the most recent developments by reading our monthly updates, or see the product announcements on the Azure Active Directory Identity Blog.
-
We guarantee at least 99.99% availability of Azure Active Directory Premium services. See the full SLA.
-
Conditional access is a capability of Azure AD that lets you implement automated access-control decisions for accessing your cloud apps based on conditions. Conditional access policies are enforced after the first-factor authentication has been completed. It’s not intended as a first-line defense for scenarios like denial-of-service (DoS) attacks, but it uses signals from these events to determine access.
-
Implement single sign-on for your hybrid environment by configuring password hash synchronization or using federation solutions such as Active Directory Federation Services. With Azure AD Premium, you also get health monitoring for your on-premises identity infrastructure and synchronization services.
-
Azure AD is the built-in solution for managing identities in Office 365. Add and configure any application with Azure AD to centralize identity and access management and better secure your environment. Configure SSO and automated provisioning depending on your application’s capabilities and your preferences. Learn how to configure single sign-on for a non-gallery application and how to use SCIM to automatically provision users and groups.
-
Yes. Azure AD supports several standardized protocols for authentication and authorization, including SAML 2.0, OpenID Connect, OAuth 2.0, and WS-Federation. It also supports password vaulting and automated sign-in capabilities for apps that support only forms-based authentication. Learn more about authentication scenarios and protocols, and SSO for applications.