DAY - 3
-------

MICROSOFT ENTRA ID
------------------

--> Microsoft Entra ID is a cloud-based identity and access management (IAM) service that your users can use to access external resources.
--> It is used for authentication and authorization so that only legitimate users can get access to the resources in the cloud.
--> A single company can have more than one Entra ID for resource, identity, and project independence.
--> In Entra ID, a ".onmicrosoft.com" domain is created by default.
--> If we want to integrate our own domain with Entra ID, we can create a custom domain and verify it.

Features in Entra ID
--------------------

Application Management : Manage cloud and on-premises applications using SSO.
Authentication : Manage self-service password reset, enable MFA (multi-factor authentication).
Entra ID for developers : Build apps that sign in all Microsoft identities, get tokens to call Microsoft APIs and other APIs.
Entra ID B2B (Business to Business) : Intended for organizations that want to be able to authenticate users from partner/supplier organizations.
Entra ID B2C (Business to Customer) : Customize and control how users sign up, sign in, and manage their profiles while using applications.

Federation
----------

Federation in Azure allows users to authenticate using on-prem credentials and access cloud resources.
It involves federating applications with Entra ID (Azure Active Directory) to enable single sign-on (SSO), security, and management capabilities.

Entra ID Connect
----------------

It is used to integrate and sync on-prem AD to Microsoft Entra ID (Azure AD).
Whenever a new user is added to on-prem AD, Entra ID Connect will manually or automatically sync the user to Azure AD.

Cloud Only ID
-------------

This option is mostly chosen by small companies who want to host their infra on the cloud directly and do not have an existing on-prem setup.
Users are created directly in Entra ID.

ADDS sync ID
------------

This option is mostly chosen by enterprises who already have their setup on on-prem AD and want to integrate it with Azure AD (Entra ID).

Guest ID
--------

This option is for users outside your domain/organization who you need to provide access to.
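
Added example (not part of the original notes): a small inventory that sorts user objects into the three identity types above (cloud only, ADDS synced, guest) and lists members still on the default ".onmicrosoft.com" domain. The input is a constructed sample shaped like a Microsoft Graph user listing; the tenant name "contoso" and all users are made up.

```python
import json

# Constructed sample shaped like a Microsoft Graph "GET /users" response.
# userType and onPremisesSyncEnabled are only returned when requested via $select.
SAMPLE = json.loads("""{"value": [
 {"userPrincipalName": "asha@contoso.onmicrosoft.com",
  "userType": "Member", "onPremisesSyncEnabled": null},
 {"userPrincipalName": "ravi@contoso.example",
  "userType": "Member", "onPremisesSyncEnabled": true},
 {"userPrincipalName": "lee_partner.example#EXT#@contoso.onmicrosoft.com",
  "userType": "Guest", "onPremisesSyncEnabled": null},
 {"userPrincipalName": "old.sync@contoso.example",
  "userType": "Member", "onPremisesSyncEnabled": false}
]}""")


def classify(user):
    """Return 'guest', 'synced' or 'cloud-only' for one user object."""
    upn = user.get("userPrincipalName") or ""
    # Guests carry userType "Guest"; invited accounts also get "#EXT#" in the UPN.
    if user.get("userType") == "Guest" or "#EXT#" in upn:
        return "guest"
    # true = currently synced from on-prem AD.
    # false (sync stopped) or null (never synced) = managed in Entra ID.
    if user.get("onPremisesSyncEnabled") is True:
        return "synced"
    return "cloud-only"


def inventory(users):
    """Group UPNs by identity type and list members on the default domain."""
    report = {"cloud-only": [], "synced": [], "guest": [], "default-domain": []}
    for user in users:
        upn = user.get("userPrincipalName") or ""
        kind = classify(user)
        report[kind].append(upn)
        # Members still on the default domain have not moved to a verified custom domain.
        if kind != "guest" and upn.lower().endswith(".onmicrosoft.com"):
            report["default-domain"].append(upn)
    return report


if __name__ == "__main__":
    for kind, upns in inventory(SAMPLE["value"]).items():
        print(f"{kind:15} {len(upns)}  {upns}")
```

Guest accounts are the ones to review regularly, since they belong to people outside the organization.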