What are Azure AD Identities?

Azure AD identities are digital representations of individuals, groups, or devices that are stored in Azure Active Directory (Azure AD). An Azure AD identity can be used to access various cloud services and resources, such as Microsoft 365, Azure, and other applications that support Azure AD authentication.

There are several types of Azure AD identities, including:

  1. User identities: These are identities that represent individual users in Azure AD. They can be created manually, synchronized from an on-premises Active Directory, or automatically provisioned through Azure AD Connect.
  2. Group identities: These are identities that represent collections of users in Azure AD. Group identities can be used to simplify access management and apply policies to a set of users.
  3. Service identities: These are identities that represent applications or services in Azure AD. They are used to authenticate and authorize service-to-service communication between Azure AD-secured resources.
  4. Managed identities: These are identities that are automatically created by Azure for resources like virtual machines or Azure Functions. They can be used to authenticate and authorize access to other Azure resources without requiring explicit credential management.
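To make the managed-identity case concrete, here is an added example (not code from the original page) of how a workload on an Azure virtual machine requests a token from the Instance Metadata Service (IMDS) without holding any secret. The function names are hypothetical, the sample response is constructed, and the VM endpoint with `api-version=2018-02-01` is assumed; other hosts such as Azure Functions expose a different local endpoint.

```python
import json
import urllib.parse
import urllib.request

# IMDS token endpoint: link-local, reachable only from inside the Azure VM itself.
IMDS_TOKEN_URL = "http://169.254.169.254/metadata/identity/oauth2/token"
API_VERSION = "2018-02-01"

# Constructed sample of a successful IMDS reply (values are placeholders).
SAMPLE_RESPONSE = json.dumps({
    "access_token": "constructed.sample.token",
    "expires_on": "1700000000",
    "resource": "https://management.azure.com/",
    "token_type": "Bearer",
})


def build_token_request(resource, client_id=None, base_url=IMDS_TOKEN_URL):
    """Build the token request. Note that no password, key or certificate is sent."""
    params = {"api-version": API_VERSION, "resource": resource}
    if client_id:  # picks a user-assigned identity; omit for the system-assigned one
        params["client_id"] = client_id
    url = base_url + "?" + urllib.parse.urlencode(params)
    # IMDS refuses requests that lack this header.
    return urllib.request.Request(url, headers={"Metadata": "true"})


def parse_token_response(body):
    """Return (access_token, expires_on as epoch seconds) or raise ValueError."""
    data = json.loads(body)
    if "access_token" not in data:
        reason = data.get("error_description") or data.get("error") or "unknown"
        raise ValueError("IMDS returned no token: %s" % reason)
    if data.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    return data["access_token"], int(data["expires_on"])


def get_managed_identity_token(resource, client_id=None, timeout=5):
    """Fetch a token for `resource`; only works when run on an Azure VM."""
    req = build_token_request(resource, client_id)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return parse_token_response(resp.read())


if __name__ == "__main__":
    # Offline demonstration against the constructed sample response.
    token, expires_on = parse_token_response(SAMPLE_RESPONSE)
    print("token received, expires at epoch", expires_on)
```

Because the credential never exists in code or configuration, what remains to control is which roles the managed identity is assigned and which workloads can run on the resource that carries it.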

Azure AD provides a centralized identity management platform for Azure resources and services, allowing organizations to manage access to resources and applications from a single location. Azure AD identities can be managed and secured through various features, such as Multi-Factor Authentication (MFA), Conditional Access, and Identity Protection.

Author: tonyhughes