Please enable JavaScript.
Coggle requires JavaScript to display documents.
Secure access to your applications by using Azure identity services (1) -…
Secure access to your applications by using Azure identity services
(1)
Authentication and authorization
Authentication establishes the user's identity, but authorization is the process of establishing what level of access an authenticated person or service has. It specifies what data they're allowed to access and what they can do with it.
What services does Azure AD provide?
Authentication
Single sign-on
Application management
You can manage your cloud and on-premises apps by using Azure AD. Features like Application Proxy, SaaS apps, the My Apps portal (also called the access panel), and single-sign on provide a better user experience.
Device management
Along with accounts for individual people, Azure AD supports the registration of devices. Registration enables devices to be managed through tools like Microsoft Intune
How can I connect Active Directory with Azure AD?
Multifactor authentication
Something the user knows
This might be an email address and password.
Something the user has
This might be a code that's sent to the user's mobile phone.
Something the user is
This is typically some sort of biometric property, such as a fingerprint or face scan that's used on many mobile devices.
What's Conditional Access?
Conditional Access is a tool that Azure Active Directory uses to allow (or deny) access to resources based on identity signals.
Based on these signals, the decision might be to allow full access if the user is signing in from their usual location. If the user is signing in from an unusual location or a location that's marked as high risk, then access might be blocked entirely or possibly granted after the user provides a second form of authentication.
Where is Conditional Access available?
To use Conditional Access, you need an Azure AD Premium P1 or P2 license