Authentication vs Authorization
The difference between Authentication and Authorization
Authentication is a user proving who they are - user id and password
Authorization is ensuring that a user is permitted to perform an action
Move away from all authenticated users having admin access
Azure Active Directory
Microsoft's preferred solution for identity management
Powers other Microsoft Services:
Azure
Skype
Outlook
OneDrive
Xbox
Office 365 - Teams, SharePoint, PowerBI, etc
Complete solution for managing users, groups, roles
Single-sign on - Synchronization with your corporate AD
Conditional access:
Detect unusual activity
Examples:
User A attempts to log in to the app from within the company office
User B attempts to log in to the app for the first time in 4 months
Administrator C attempts to log in to the app from their phone
Administrator D attempts to log in to the app from a location 1200km from the office
You can treat some access attempts as "routine", and some as "not normal"
Signal --> Decision --> Enforcement
Last updated