Authentication and authorization in Entra ID
1. Authentication and authorization in Entra ID
Welcome back! Now, let’s start with the foundation of security in Azure called Microsoft Entra ID.
2. What is Entra ID?
Entra ID is Azure’s service that manages identities and access. Simply put, it helps control who can sign in and what actions they’re allowed to perform. This includes people logging into apps and apps connecting to other services.
3. Example: PeopleSphere with Entra ID
For example, PeopleSphere uses Entra ID so employees can securely sign in to view their payslips, while HR staff can access sensitive payroll data. Entra ID securely manages all these permissions centrally.
4. The building blocks of Entra ID
We can think about Entra ID in three parts. First, Identity, which is like your digital fingerprint, usually your username or email. Next comes Authentication. It is how you prove who you are, such as with a password or multi-factor authentication. After you’re verified, Authorization determines what actions you can take, like viewing, editing, or deleting a resource.
5. Key concepts of Microsoft Entra ID
Microsoft Entra ID helps simplify security while keeping access control strong. Now, let’s break down its key concepts. Its key parts include Identity Management, which automates user accounts and watches for suspicious activity like a digital security guard. Next, Role-Based Access Control makes sure everyone gets the right level of access, no more and no less, like giving employees only the keys they need. Building on this foundation is Single Sign-On, which makes life easier by letting users sign in once to access multiple apps, so no more password juggling.
6. Key concepts of Microsoft Entra ID
And with Multi-Factor Authentication, security gets an extra boost, requiring a second verification step like a fingerprint or one-time code. Finally, Reporting and Analytics help track user activity and keep everything compliant. Together, these features create a secure and smooth identity experience.
7. Users
Now, let’s see how Entra ID handles identities using users and groups. Users are individual identities in your organization. These include internal users like employees who belong to your company, and external users such as guest vendors who need temporary access. You can track their sign-ins, roles, group memberships, and devices. This helps keep your organization’s access secure and well managed.
8. Example: Users in PeopleSphere
For example, in PeopleSphere, employees are added as users in Entra ID to access their payslips, whereas auditors join as guest users during compliance reviews for controlled access.
9. Groups
Groups make management easier by letting you assign permissions to many users at once, instead of individually. There are two main types. Security groups control access to resources, while Microsoft 365 groups focus on collaboration and teamwork.
10. Example: Groups in PeopleSphere
In PeopleSphere, HR managers are placed in a security group for payroll access. PeopleSphere also uses Microsoft 365 groups so HR and finance teams can collaborate on payroll and reporting.
11. Devices
Now, let’s talk about Devices and Roles. Devices are registered to allow secure access. Entra ID can enforce compliance policies, monitor device health, and support hybrid identities that work across cloud and on-premises environments.
12. Roles
Roles, on the other hand, define what users can do. There are built-in roles like Global Administrator and User Administrator, and you can also create custom roles for specific needs. This ensures users have only the access they require.
13. Let's practice!
Now that you’ve got the basics, let’s jump into some hands-on practice!