Microsoft Entra ID vs Microsoft Entra Permissions Management comparison

Microsoft Entra ID vs. Microsoft Entra Permissions Management

Download the complete report

Helped 845,406 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Entra ID

Ranking in Microsoft Security Suite

2nd

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

219

Ranking in other categories

Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Identity and Access Management as a Service (IDaaS) (IAMaaS) (1st), Access Management (1st)

Microsoft Entra Permissions...

Ranking in Microsoft Security Suite

29th

Average Rating

7.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Cloud Infrastructure Entitlement Management (CIEM) (4th)

Mindshare comparison

As of April 2025, in the Microsoft Security Suite category, the mindshare of Microsoft Entra ID is 9.5%, up from 6.5% compared to the previous year. The mindshare of Microsoft Entra Permissions Management is 0.5%, down from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

Aaron Liang

System engineer at a energy/utilities company with 501-1,000 employees

Has significantly improved secure access to applications and resources in our environment

Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment. The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users. Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.

Read full review

Sameer Bhat

Vice President at Goldman Sachs

Provides resource-based access and security, but time-bound access can be a problem

Entra ID is the core of the identity management that we have. This is the key product that we are using. I am currently also looking into Entra Private Access because we are planning to deploy about 50,000 desktops into Azure and use Azure Virtual Desktop. We would like to give access to the users from the desktop to on-premises applications. I learned that Entra Private Access is a good solution. That is not yet GA, but that is what we are looking for. Entra provides a single pane of glass for managing user access, but because our company also integrates with Nebula API, only administrators use Entra's pane. A normal person who wants to get onboarded can do self-service using Nebula. The features for whitelisting and other things are definitely there. That is what we use specifically. Application IDs, enterprise applications, and all those things are already there, so we have more efficiency. There is also security because we usually do not allow user identities to get direct access to Azure resources. Usually, we use the service principles from Entra ID, so this way, it increases security. Entra has helped to save time for our IT administrators. We tend to automate a lot of things. We can do automation using Graph APIs and save time. It is hard to quantify the time savings, but there has been a medium amount of time savings. Entra has helped to save our organization money. We care about security and risk more than money, but it also saves money. We are premium customers, and because we have a commit-to-consume contract with Microsoft of multi-million dollars, the money does not come into it because we have to consume those resources.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Conditional Access, Geofencing, and Azure Multi-Factor Authentication are the major security features to secure resources."

"Microsoft Authenticator is highly secure."

"The scalability of the product is decent."

"The single sign-on is very convenient for us."

"Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure handles everything. We haven't experienced any errors or security-related issues in the past four years. Many people use our protection servers from outside, requiring multi-factor authentication. Each authentication is logged precisely."

"The most valuable feature is that it is very easy to implement, you don't need a lot of effort to set up the solution. This is the most advantageous point, that you can do anything on Azure without taking too much time."

"Single sign-on, license management, and role management are the most valuable features. Integration with Microsoft 365 is also very valuable."

"The solution is free to use and you can use it for every service."

More Microsoft Entra ID pros

"Multifactor authentication is valuable."

"The solution integrates well with our infrastructure and other systems without any issues."

Cons

"Better deployment management and visibility functionality would be helpful."

"One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level."

"A nice feature that is not currently present, would be if they had some visualization tools."

"Lacks integration between applications and phones."

"I would like to see some additional attributes for user objects in Microsoft Entra, especially for tasks such as users and account validation, including guest users and guest accounts."

"It would be awesome to have a feature where you can see the permissions of a user in all their Azure subscriptions. Right now, you have to select a user, then you have to select the subscription to see which permissions the user has in their selected subscriptions. Sometimes, you just want to know, "Does that user have any permissions in any subscriptions?" That would be awesome if that would be available via the portal."

"There is no great solution in the cloud for Conditional Access authentication and RADIUS-type authentication."

"Compared to what we can do on-prem, Azure AD lacks a feature for multiple hierarchical groups. For example, Group A is part of group B. Group B is part of group C. Then, if I put someone into group A, which is part of already B, they get access to any system that group B has access to, and that provisioning is automatically there."

More Microsoft Entra ID cons

"The solution's pricing and support services need improvement."

"We use a third-party API called Nebula API to integrate the account for authorization. The time-bound access area in Entra can be a problem. It can be improved in terms of the granularity of the permissions."

Pricing and Cost Advice

"The cost of Azure AD is one of the biggest benefits, as it is available for use free of charge when you start with Office 365."

"We have an agreement with Microsoft, and my company pays yearly."

"It is in line. Because we are so early, we have not had to come back on a cycle where we are having to negotiate again."

"We pay an annual subscription fee."

"Everything needs to be considered for the requirements and if it is within the budget, then you can come up with a solution, whether it is SaaS, PaaS, or IaaS."

"The price of the solution was reasonable."

"Licensing fees are paid monthly."

"For you to make use of some of the security features, you need to upgrade your licenses. If it is possible, could they just make some features free? For instance, for the Condition Access policy, you need to set that up and be on Azure AD P2 licensing. So if they could make it free or reduce the licensing for small businesses, that would be cool, as I believe security is for everyone."

More Microsoft Entra ID pricing and cost advice

"The product cost is in the mid to high range."

"We are a Fortune 500 company, so we always negotiate with Microsoft."

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

845,406 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

33%

Computer Software Company

10%

Financial Services Firm

Manufacturing Company

Financial Services Firm

15%

Computer Software Company

14%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

How does Duo Security compare with Microsoft Authenticator?

We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...

What do you like most about Azure Active Directory?

It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.

What is your experience regarding pricing and costs for Azure Active Directory?

Microsoft Entra ID is reportedly quite expensive for each user regarding security features. The renewal cost is particularly high according to the teams managing purchases.

What do you like most about Microsoft Entra Permissions Management?

Multifactor authentication is valuable.

What is your experience regarding pricing and costs for Microsoft Entra Permissions Management?

The product cost is in the mid to high range. You need to have a good budget to implement it, so it is considered fairly expensive for our market. I rate the pricing a seven out of ten.

What needs improvement with Microsoft Entra Permissions Management?

The solution's pricing and support services need improvement.

Microsoft Intune vs Microsoft Entra ID

Comparisons

Compared 11% of the time

Google Cloud Identity vs Microsoft Entra ID

Compared 10% of the time

Okta Workforce Identity vs Microsoft Entra ID

Compared 9% of the time

Auth0 vs Microsoft Entra ID

Compared 6% of the time

Amazon Cognito vs Microsoft Entra ID

Compared 4% of the time

More Microsoft Entra ID Competitors

SailPoint Identity Security Cloud vs Microsoft Entra Permissions Management

Compared 35% of the time

Saviynt vs Microsoft Entra Permissions Management

Compared 35% of the time

Microsoft Defender for Cloud vs Microsoft Entra Permissions Management

Compared 17% of the time

More Microsoft Entra Permissions Management Competitors

Product Reports

Microsoft Entra ID

Download Microsoft Entra ID product report

Cloud Infrastructure Entitlement Management (CIEM)

Download Microsoft Entra Permissions Management product report

Microsoft Entra Permissions Management report

Also Known As

Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator

CloudKnox Permissions Management

Interactive Demo

Demo not available

Overview

Microsoft Entra ID is used for extending on-premises Active Directory to the cloud, managing application access, enabling multi-factor authentication, and single sign-on. It facilitates policy enforcement and secure access, ensuring centralized identity management across cloud and on-premises resources.

Organizations utilize Microsoft Entra ID for robust user and group management, identity synchronization, and conditional access. Its seamless integration with third-party apps, scalability, and support for remote work make it a preferred choice. The admin center streamlines identity and access tasks, enhancing efficiency and security with features like privileged identity management and audit logs.

What are the key features of Microsoft Entra ID?

Single Sign-On: Simplifies user access to multiple applications with one login.
Multifactor Authentication: Enhances security by requiring additional verification.
Conditional Access: Establishes policies that determine how users' access cloud apps.
Integration: Easily integrates with various third-party applications.
User Identity Protection: Safeguards user identities from threats.
Privileged Identity Management: Manages elevated access to sensitive resources.
Audit Logs: Provides thorough activity logs for oversight and compliance.

What benefits should users look for in Microsoft Entra ID reviews?

Enhanced Security: Offers strong multifactor authentication and identity protection.
Administrative Efficiency: Simplifies identity and access management tasks.
Scalability: Supports growing user bases and remote work environments.
Integration Capabilities: Compatible with numerous third-party applications.
User-Friendly Interface: Makes managing user identities straightforward.

Microsoft Entra ID implementation varies across industries. Tech firms leverage it for secure, scalable access management, while healthcare organizations utilize its identity protection features to safeguard patient data. Educational institutions adopt Entra ID for streamlined user management and policy enforcement, ensuring secure access for students and staff across on-premises and cloud resources.

Microsoft Entra Permissions Management is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all identities – users and workloads – actions, and resources across cloud infrastructures. It detects, right-sizes, and monitors unused and excessive permissions and enables Zero Trust security through least privilege access in Microsoft Azure, AWS, and GCP.

Sample Customers

Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.

Information Not Available

Microsoft Entra ID vs. Microsoft Entra Permissions Management