Azure Active Directory documentation
Use Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra, to manage user identities and control access to your apps, data, and resources.
Architecture Center
Manage user identities
Fundamentals
Learn basic Azure Active Directory (Azure AD) concepts and processes.
Enterprise users
Create Azure AD tenants, manage user accounts, roles, and groups, and assign app access.
Roles
Manage admin permissions and apply the principle of least privilege using Azure AD role-based access control.
Privileged Identity Management (PIM)
Manage just-in-time role assignments to limit access to secure information and resources.
External Identities
Collaborate with partners using their own identities (B2B), or design customer identity and access management for your app (B2C).
Cloud sync
Create and manage user identities in Azure AD using Azure AD Connect cloud sync.
Application provisioning
Create and manage user identities in applications by provisioning from Azure AD.
Hybrid identity
Create a user identity that can access both on-premises and cloud resources by using Azure AD Connect.
Control access
Conditional Access
Control access to resources by enforcing policies based on user, location, device, and more.
Authentication
Configure sign-in methods and security features like self-service password reset, MFA, and more.
Device identity
Register and join devices to Azure AD for device management and Conditional Access.
Identity Protection
Automatically identify and address identity risks in your organization.
Apps, data, and resources
Application management
Develop, add, or connect an app to Azure AD and manage access.
Microsoft identity platform
Build your app on the Microsoft identity platform and use Azure AD as your authentication service.
Managed identities
Create an application identity that can connect to resources using Azure AD authentication.
Domain services
Move legacy apps to managed domains in the cloud while preserving user accounts, groups, and access.
Third-party applications
Integrate cloud-enabled, software as a service (SaaS) apps with Azure AD.
Monitor and audit
Identity governance
Protect, monitor, and audit access to critical assets throughout the identity and access lifecycles.
Reports and monitoring
Use logs and reports to determine usage of your apps and services, detect risks, and troubleshoot issues.