Azure Active Directory (Azure AD)
Secure your environment with multicloud identity and access management
Help protect your users and data
Azure Active Directory (Azure AD), part of Microsoft Entra, is an enterprise identity service that provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks.
Single sign-on simplifies access to your apps from anywhere
Conditional access and multifactor authentication help secure data
A single identity control plane grants full visibility and control of your environment
Governance ensures the right people have access to the right resources, and only when they need it
Get secured, adaptive access
Help protect access to resources and data using strong authentication and risk-based adaptive access policies without compromising the user experience.
Offer seamless user experiences
Provide a quick and easy sign-in experience to keep your users productive, reduce time managing passwords, and minimize friction.
Unify identity management
Centrally manage all your identities and access to your applications, whether they're in the cloud or on premises, to improve visibility and control.
Simplify identity governance
Help ensure that only authorized users have access to apps and data for users and admins with efficient automated identity governance.
Unify your identity infrastructure management
Simplify the experience of managing and securing your entire identity infrastructure—including Azure AD—with the Microsoft Entra admin center.
Comprehensive security and compliance, built in
-
Microsoft invests more than USD 1 billion annually on cybersecurity research and development.
-
We employ more than 3,500 security experts dedicated to data security and privacy.
-
Azure has more certifications than any other cloud provider. View the comprehensive list.
Find the pricing option that fits your needs
Azure Active Directory is available in four editions—one free, one included with Microsoft 365 subscriptions, and two premium plans for advanced enterprise, threat protection, and governance needs.
Get started with an Azure free account
Start free. Get $200 credit to use within 30 days. While you have your credit, get free amounts of many of our most popular services, plus free amounts of 40+ other services that are always free.
After your credit, move to pay as you go to keep building with the same free services. Pay only if you use more than your free monthly amounts.
After 12 months, you'll keep getting 40+ always-free services—and still pay only for what you use beyond your free monthly amounts.
Trusted by companies of all sizes and industries
Walmart embraces the cloud
Walmart teamed up with Microsoft to digitally transform its operations, empower associates with easy-to-use technology, and make shopping faster and easier for millions of customers around the world.
Mark Lewis, Infrastructure Architect, ASOS"We made our lives easier by adopting Azure Active Directory—we've saved time and money, improved the employee experience, and enhanced the security of our entire SaaS ecosystem."
Craig Churchward, Technical Specialist, Durham University"We had four weeks to accelerate the university's remote working solution.… Using Azure AD played an enormous part in achieving this. It's a much better user experience and so much more powerful in terms of what we can do with security."
Paul Ryan, Chief Information Officer, Kohler"Implementing Azure AD resulted in a central identity repository for each of our employees, contractors, and guests that is available globally."
Arshaad Smile, Head of Office 365 and Cloud Security, Standard Bank of South Africa"Features like Azure Active Directory Application Proxy were just phenomenal in terms of what we could do to secure the remote workforce. We were on the journey. We just accelerated the growth."
Jake Wright, Senior Customer Journey Specialist, Bam Boom Cloud"Enabling a Zero Trust approach with the strong authentication of Azure Active Directory and endpoint management of Microsoft Endpoint Manager ensures the high level of security and compliance DCCT requires."
Azure Active Directory resources and documentation
Azure AD overview
Identity for infrastructure as a service (IaaS)
Identity for developers
Frequently asked questions about Azure Active Directory
-
Azure AD is a part of Microsoft Entra, the new product family for multicloud identity and access solutions.
-
Stay up to date with the most recent developments by reading monthly updates, or see the product announcements on the Azure Active Directory identity blog.
-
We guarantee at least 99.99 percent availability of Azure Active Directory Premium services. See the full SLA.
-
Conditional access is an Azure AD capability that lets you automate access controls based on certain user conditions. Conditional access policies are enforced after the first-factor authentication has been completed. It's not intended as a first-line defense for scenarios like denial-of-service (DoS) attacks, but it uses signals from these events to determine access.
-
Implement single sign-on for your hybrid environment by adopting cloud authentication like password hash synchronization. With Azure AD Premium tiers, you also get health monitoring for your on-premises identity infrastructure and synchronization services.
-
Azure AD is the built-in solution for managing identities in Microsoft 365 and Azure. Add and configure any application with Azure AD to centralize identity and access management and better secure your environment. Configure single sign-on and automated provisioning depending on your application’s capabilities and your preferences. Learn how to configure single sign-on for a non-gallery application and how to use SCIM to automatically provision users and groups.
-
Yes. Azure AD supports several standardized protocols for authentication and authorization, including SAML 2.0, OpenID Connect, OAuth 2.0, and WS-Federation. It also supports password vaulting and automated sign-in capabilities for apps that support only forms-based authentication. Learn more about authentication scenarios and protocols, and single sign-on for applications.