Microsoft Entra ID Reviews

My main use cases for Microsoft Entra ID include Azure App Registrations and management of third-party integrations into our M365 tenant.The implementation of Microsoft Entra ID has been pivotal for our secure access to apps or resources in our environment. We use Microsoft Entra ID to grant access for all external apps that want to connect into some type of data source in Office 365, so it has been crucial to be able to set those up and manage those.Microsoft Entra ID's integration capabilities have been the foundation for our Zero Trust model because my team only sets up integration and Azure App Registrations based on a request and we review them. Nothing gets access to any data or anything in our tenant unless we review it and approve it and configure it in Microsoft Entra ID.

The features of Microsoft Entra ID that I value the most include the governance tools around OAuth, Azure App Registrations, and the security tools that enable us to set those up and monitor those.The features of Microsoft Entra ID have benefited my organization by allowing us complete control over what apps have access to what in Office 365 and for how long due to the Azure App Registration tools and process that Microsoft Entra ID offers us.

Microsoft Entra ID can be improved through better lifecycle management of the Azure App Registrations. If a token or a certificate is going to expire, it would be helpful to notify the app owner or the representative in our organization, saying that their certificate is getting ready to expire in two weeks, asking if this is still in use and if they still need this, and providing information on how to renew it if needed. Additional tools for governance and lifecycle management would be beneficial.To make it a ten, some of the governance and lifecycle management for app registrations that I mentioned would be beneficial. It would alleviate some of the time burden from my team to be able to automate the management of some of those aspects. Other than that, it is pretty solid.

I have been using Microsoft Entra ID for about ten years.

I assess the stability and reliability of Microsoft Entra ID as great.I have experienced some downtime, crashes, or performance issues, primarily the typical Office 365-wide outages that happen from time to time, but nothing beyond that.One of the outages I experienced was about a month ago where there were DNS issues with Microsoft, and all of Office 365 was inaccessible, along with the Microsoft Entra ID admin center.

Microsoft Entra ID scales well with the growing needs of my organization. As the organization has been growing with Azure App Registrations that I have been mentioning, we get more and more of those, and the tools are just there for us to use.We have expanded the usage of Microsoft Entra ID gradually over time as our organization has been getting bigger and there are more and more third-party apps that get brought on board, and it has been smooth.

I would rate customer service and technical support an eight on a scale from one to ten.I give an eight rating because for the most part, whenever we open up a ticket or need technical support, we get a good resource to help us quickly. However, every once in a while, you might get a resource that is not as well-versed in exactly what you are looking for help with. For my team, if we are opening up a ticket, we have already done a lot of basic troubleshooting.Overall, I would evaluate customer service and technical support as pretty good.

Positive

I have seen a return on investment with Microsoft Entra ID, as it makes my team, the engineering team for Office 365, have a much easier time in terms of managing third-party integrations and other apps that connect into Office 365.

I cannot speak to the setup cost of Microsoft Entra ID because it was before my time here. Licensing has been pretty pain-free. All of our users get the base E3 license, so the workload on that is pretty easy.

To other organizations considering Microsoft Entra ID, I definitely advise you to implement it, as it is crucial for my team and what we do in controlling access to certain resources in our tenant. I cannot imagine doing our job without it. I would rate this product a nine out of ten.

Hybrid Cloud

My main use case for Microsoft Entra ID is for access control. I'm not entirely sure what I like the most about Microsoft Entra ID, but perhaps it's that everything is included in the same app compared to before. Mainly, we have SharePoint set up, so we use it to manage users' access, which is the main purpose.

SharePoint site access has mainly benefited my organization, and that's how we have Microsoft Entra ID set up. Because of the hybrid environment we have with Active Directory, that's why we have it configured for our users' access to folders and sites.

Microsoft Entra ID did help with our approach to phishing resistance, and we appreciate the Office 365 MFA protections. Since we have this hybrid environment set up, we find it more secure when accessing any Office 365 products such as Outlook, SharePoint, and OneDrive.

I think something can be improved, but it's working.

I have been using Microsoft Entra ID for about ten years.

I assess the stability and reliability as generally good, as we do have occasional downtime for SharePoint, but usually the service is restored within an hour or less, which is good. There is nothing major with downtime, and we are satisfied.

Microsoft Entra ID works well for scalability in my organization, as we have grown from 150 employees to 700 employees. There are some changes in licensing, with Microsoft offering cheaper licenses for employees under 300, and when you exceed that number, you move into another level and another layer of the licensing scheme. The transition is quite easy, and it gives you the flexibility to mix and match the licenses you want.

I recently used customer support, but it was not for our production environment; it was for our test environment. I contacted support and I am waiting for a phone call. We have experience contacting support, and they are good.

I have not personally contacted support a lot, but some of my team members contact them regularly, and they receive very good feedback from them. According to the comments I received, I would rate customer support around a seven or eight.

Positive

I did not consider another solution before; we are Microsoft customers, and it has been that way since day one.

The deployment of Microsoft Entra ID is easy once it's migrated to the cloud. The implementation of Microsoft Entra ID is required for SharePoint sites to provide user access, and that is one of the requirements, so that's why we had it set up.

I have seen a return on investment, as it's a great investment because our production environment has now migrated to the cloud, and we use SharePoint extensively. Microsoft Entra ID is what we use for access control, and it's a great investment.

I do not believe we pay anything extra for Microsoft Entra ID; it's a good deal. We have Office 365 licenses, and Microsoft Entra ID is included.

We have not just relied on Microsoft Entra ID for the security setup, as we do have other third-party software integrated with our system for protections and data protections.

Nothing right now has influenced my Zero Trust model with Microsoft Entra ID integration capability. My organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID, as I have other security solutions in place, so we do not use Microsoft Entra ID for protections.

I am satisfied. I would rate this product an eight overall.

Hybrid Cloud

Microsoft Azure

Microsoft Entra ID is used for hybrid synced users to Azure and for external users with guest accounts created in the directory. Security groups and all related functionality are utilized for user management.

Logging activities, including sign-in logs, password lockout, and security monitoring for compromised accounts, are valuable components of the implementation.

To prevent intrusions, as a government entity, Microsoft Entra ID is used to determine if someone is attempting to brute force an account and to understand the origin of the access attempt and whether it represents an actual threat.

Logging, sign-in logs, password lockout, and security features for compromised accounts are the most valuable aspects of Microsoft Entra ID.

To prevent intrusions, the ability to determine if someone is attempting to brute force an account and to understand where the access attempt is originating from and whether it represents an actual threat is critical.

Microsoft Entra ID has had a very positive impact because access can be controlled both internally and externally to the environment and applications used by the organization. Many app registrations function through Microsoft Entra ID to allow internal and external users to access applications.

There has been a return on investment in Microsoft Entra ID because of the security capabilities that enable both internal and external access management.

Microsoft Entra ID could benefit from improved structure and organization. Currently, internal and external users are grouped together, and filters must be applied to differentiate between them. Having separate areas for internal and external users would be beneficial since they should be treated differently.

Growth opportunities exist in separating certain elements for improved viewability.

Microsoft Entra ID has been in use for approximately eight years.

The primary issue experienced with Microsoft Entra ID is Azure sync performance. Over the past year, syncs have occasionally taken longer than expected to complete between on-premises and cloud environments. While syncs should typically complete within 30 to 60 minutes, there have been instances where syncing has taken hours. These issues have been reported to Microsoft, and while they address the problems, they do not typically share details about the fixes applied.

Microsoft Entra ID has been expanded through the creation of security groups specifically in the cloud rather than on-premises. The organization is moving forward with all groups being created in Azure and Microsoft Entra ID. User accounts will continue to be created on-premises, but security groups and dynamic groups will all be created in Azure and Microsoft Entra ID.

Support for Microsoft Entra ID is evaluated as generally good, with few problems encountered. On a global scale, however, support has not been consistently reliable.

Positive

There has been a return on investment in Microsoft Entra ID because of the security capabilities that enable both internal and external access management.

The primary benefit observed from Microsoft Entra ID is the ability to identify and respond to suspicious account activity. Most frequently, locked accounts have been investigated and flagged accounts have been flagged for suspicion or high risk, particularly guest accounts invited to the tenant. This allows the organization to communicate with affected users and recommend actions such as password resets. This capability is especially valuable because the organization regularly interacts with the public.

Zero-trust model implementation has not been influenced by Microsoft Entra ID, as this reviewer was not involved in that initiative.

The organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID.

No competitive solutions have been evaluated or considered, as the organization is satisfied with Microsoft Entra ID. This review is rated as an 8 out of 10.

Hybrid Cloud

Microsoft Azure

Microsoft Entra ID serves as the main use case for everything, supporting M365 and all related services, with Entra ID being a key component for everything.

The features for users, groups, and management are what I appreciate most about Microsoft Entra ID.

Single sign-on (SSO) is an example of how the features of Microsoft Entra ID have benefited my organization. We use Entra to access our laptops and applications, and single sign-on helps ensure business resiliency so that if our domains are compromised, we can still access Microsoft M365 and other services.

Microsoft Entra ID's integration capabilities influence our zero trust model significantly, as we use a lot of conditional access through Entra to support that part.

Since implementing Microsoft Entra ID, I have observed that it would be beneficial to have more analytics and everything integrated there, as opposed to how we normally do searches. Co-pilot might play a big role in getting more data much quicker from Entra.

I think more analytics would be beneficial in the next release to improve Microsoft Entra ID.

I want Microsoft to improve dynamic group creation and the logic behind them. Another area needing improvement is dynamic groups, where you cannot utilize many of the custom attributes in the dynamic groups, which are very limited.

I have been using Microsoft Entra ID for ten to fifteen years.

I would assess the stability and reliability of Microsoft Entra ID as acceptable; we have issues sometimes, but overall, it is satisfactory.

I have experienced downtime, crashes, or performance issues on occasion.

Microsoft Entra ID scales well with the growing needs of the organization, and I find it good overall.

I have expanded usage of Microsoft Entra ID.

The process of expanding usage was quite smooth.

I would rate my customer service and technical support as six out of ten, noting that level two support is really poor while everything else above that is good.

Neutral

Prior to adopting Microsoft Entra ID, I was using an on-premises Active Directory solution to address similar needs.

I would describe my experience with deploying Microsoft Entra ID as good overall.

The process worked well, and I faced no significant challenges. However, we had some initial mapping issues when trying to perform synchronization services from on-premises AD to local AD to Entra, and there is still a limitation on the number of mappings you could do from there.

My experience with the deployment was good, though initially, the biggest challenge was mapping the fields from on-premises to cloud and making sure you have all those requirements for the application. Once we got the initial part done, it is quite good.

I have seen a return on investment with Microsoft Entra ID.

My experience with the pricing, setup costs, and licensing of Microsoft Entra ID is that it is part of our base, and there is no additional cost.

Before selecting Microsoft Entra ID, I did not consider any other solutions as we are in the Microsoft Azure ecosystem and do not have any other choice.

My organization's approach to defending against token theft of nation-state attacks has not changed since implementing Microsoft Entra ID.

The implementation of device-bound passkeys in Microsoft Authenticator has affected my organization's approach to phishing resistance in that we do not use that directly. We use a third-party system to do that, which is primarily Okta. However, I have tested FastPass and enabled it for mine, so it is definitely helping with security and ensuring that all authentication is secure, though we do have a pilot and do not use it for the majority.

The factors that led me to consider a change to Microsoft Entra ID included scalability, cost, and being cloud-native.

I can share metrics or data points that demonstrate the impact of our integrations.

I can share data points or examples, as it is the AD. Without that, nothing will work. Without Entra, it is the key one for that, meaning it is the base fundamental thing you need in order to do anything.

My advice to another organization considering using Microsoft Entra ID is to look at the initial implementation, which will take time, so ensure you plan regarding what you need. For us, that was mapping, how authentication would change, what applications you are migrating to the cloud, and how you are going to map those things. Good planning before implementing would be beneficial. I rate this review seven out of ten.

Hybrid Cloud

Amazon Web Services (AWS)

Our main use cases with Microsoft Entra ID involve extending our on-premises Azure into the cloud, starting with messaging in M365 and syncing the IDs up, but we also do a significant amount of work with enterprise apps, app registrations, and different types of identity within Azure.

Within Microsoft Entra ID, I appreciate being able to perform the SAML configurations for enterprise apps and app registrations, SSO, which is something that we are using heavily with Conditional Access for the MIDFS.

The implementation of Microsoft Entra ID has had a huge impact on our secure access to the apps or resources in our environment, as we can use Conditional Access to apply MFA going into apps, which definitely helped with our compliance.

The integration capabilities of Microsoft Entra ID have influenced our zero-trust posture quite a bit, as we actually use the zero-trust worksheets that Microsoft put out, we are doing PIM, and applying PIM on various items, along with Conditional Access policies, so I would say we are using it quite a bit for that.

I do not have anything to share at the moment on how Microsoft Entra ID can be improved or what additional features should be added in the next release.

I have been using Microsoft Entra ID heavily for six months.

I assess the stability and reliability of Microsoft Entra ID as pretty solid, aside from that Front Door issue recently, since everybody makes mistakes.

Other than that Front Door issue, I have not experienced any other downtime, crashes, or performance issues. There was about a month ago when you could not get into the portal, but aside from that, the users kept working, we just could not access it.

Microsoft Entra ID scales with the growing needs of my organization, and I experience no issues there.

We have expanded usage, as we are continually growing and merging tenants with a parent company that acquired us.

On a scale from one being the worst and ten being the best, I would rate my customer service and technical support as a five.

I give it a five because it depends on who you get; some people are awesome, and some people, I can find answers through Google before I get a response from them, so it just all depends on the engineer. Once you get past the first engineer, you normally get some pretty good help.

In evaluating the customer service and technical support, I think that everybody is always nice, and I can tell they all try, but you just do not seem to get a high-level expert on the first contact, and it sometimes takes too long to escalate quickly when needed, which is my best recommendation.

Neutral

Prior to adopting Microsoft Entra ID, I was using another solution, which was just on-premises AD.

The process of merging tenants has been somewhat smooth; we are still going through it, but we pretty much did a net new on their side, Greenfield, so the user accounts are all new, and we did not actually migrate them, but we are adding around 15,000 users to the tenant, so it seems to just be doing its job, syncing, and creating the accounts.

My experience with deploying Microsoft Entra ID is that we have had it for so long that I actually did not deploy it at this company; it was already deployed, and I had to fix a lot of things, but Entra Connect, it all just kind of works, and I have no major complaints that I can think of.

My experience with the deployment has been good, as there were no issues that I could think of, and I have done several upgrades to it, and it all just kind of works.

I do not know the cost, so I cannot say for sure if I have seen a return on investment.

Regarding my experience with the pricing, setup costs, and licensing of Microsoft Entra ID, I do not manage licensing, so I cannot speak to that. It is expensive, but thankfully, I do not manage the licensing.

Before selecting Microsoft Entra ID, we considered other solutions and determined that we are a Microsoft shop, so we pretty much needed it for Teams and email and everything else.

Since implementing Microsoft Entra ID, I do not have any metrics on the frequency or the nature of the identity-related security incidents in my organization that I can share.

Our organization's approach to defending against token theft and nation-state attacks has not changed as a result of Microsoft Entra ID, as it is constantly changing because we are always trying to improve.

The implementation of the device-bound passkeys in Microsoft Authenticator is something we are working on switching to, so I cannot say for sure; we are using some other MFA.

The advice I would give to another organization considering Microsoft Entra ID is that I do not really have any; it just kind of works, and I think it is a good solution that works well despite not having all the features of some other options. I give this solution an overall rating of nine.

Hybrid Cloud

Other

I have been using Microsoft Entra ID since its release. My main use cases with Microsoft Entra ID include identity management, lifecycle management, account creation, and access management within Entra. Currently, we are exploring Microsoft Entra ID governance and looking to expand in that direction. Overall, everything around account management and identities management within Microsoft Entra ID itself, from creation to deletion, represents our primary focus.

Working in the Microsoft environment, I find it beneficial to have Microsoft Entra ID integrated within the entire ecosystem. It is fast, accessible, and I believe it is the best option on the market for directory services.

The implementation of Microsoft Entra ID has definitely made app access easier and more seamless for working with Azure registered apps by allowing them to be integrated within the system and setting up SSOs and secure authentication through Entra.

The implementation of device-bound passkeys in Microsoft Authenticator has definitely improved our organization's approach to phishing-resistant practices because we went passwordless. We still have a small fraction of users who are not capable of performing MFA because of their work specifics, but it has definitely made our security stronger.

Microsoft Entra ID could be improved with more integration with third-party solutions like SAP or access management to third-party apps that are not capable of being registered within Azure itself. Having this extra extension to non-native, non-integratable things with Microsoft solutions would allow us to manage access to those systems as well.

I have approximately ten years of experience in my main area of expertise.

I assess the stability and reliability of Microsoft Entra ID as very good. We do not see any outages or problems whatsoever. Occasionally something happens, but it has to be a global outage. I have not experienced any downtime, crashes, or performance issues with Entra.

Microsoft Entra ID scales very well with the growing needs of our organization. We are expanding usage every year. The process for expanding usage is very smooth. We purchase extra licenses, provision users, and that is it.

On a scale from one being the worst and ten being the best, I would rate my customer service and technical support experience as an eight. I give it an eight because every now and then we get some questions, maybe not necessarily within Entra, but overall within tools available in Azure. Sometimes it takes a bit if we have a very difficult, very specific niche question to get the expert product team to help us, but again, it has to be something very complicated. I evaluate my customer service and technical support experience as very good overall.

Positive

Before adopting Microsoft Entra ID, I was using Active Directory to address similar needs.

I would describe my experience with deploying Microsoft Entra ID as taking some time but relatively easy with support from Microsoft partners integrated, so it was not extremely difficult.

I did not face any major challenges during the implementation process. My experience with the deployment was a long time ago. The process was okay, like any other project. We transitioned from on-premises to Azure Active Directory, which was then renamed to Microsoft Entra ID. It took some time, but it was a very good and interesting project overall, something new coming from on-premises to completely in the cloud, which was beneficial. Currently, we are trying to go cloud-first, but that is a long journey as well to minimize the on-premises footprint in our organization.

I would not necessarily be able to answer if I have seen a return on investment with Microsoft Entra ID at this point.

My experience with the pricing, setup cost, and licensing is that it is within my area of responsibilities, as I personally manage the licensing for our company. The only thing I would improve in that area specifically is that when we do contract extensions, which happens every year through annual orders, this process is fine. However, any additional licenses we purchase throughout the year through a volume licensing portal can sometimes be confusing because understanding what we are actually purchasing versus what we actually need is unclear. The differences with naming and SKU names between different channels are not unified. Purchasing extra licenses is sometimes confusing.

I did not really consider other solutions before selecting Microsoft Entra ID.

For example, we were capable of introducing complete passwordless authentication for our users, moving away from passwords and utilizing Windows Hello for Business integrated with Entra. The majority of our users do not even remember their passwords and instead use passwordless authentication through Entra with Windows Hello for Business.

Since the beginning, when it was called Azure Active Directory and then switched to Entra, I observe that the amount and pace of changes, new updates, and features coming from Microsoft is definitely higher and faster than it was at the beginning. We basically see new features every day, so the innovation coming with Entra and new use cases that we can apply with it is significant.

I am not aware of any changes in our organization's approach to defending against token theft and nation-state attacks since implementing Microsoft Entra ID.

I would advise another organization considering using Microsoft Entra ID to definitely check it, conduct a POC, and most likely proceed with it because in my personal opinion, it does not get any better than that. I have given this review an overall rating of ten.

Hybrid Cloud

Microsoft Azure

Microsoft Entra ID houses all of our users, and we conduct all of our identity and SSO and protection through it. Our sign-in logs go through Microsoft Entra ID, so we have everything, and it's how we build all of our access policies and how we determine who can access what from where and what we trust and what we don't trust.

I probably appreciate the identity protection capabilities of Microsoft Entra ID the most. The implementation of Microsoft Entra ID has had an impact on our secure access to applications or resources in our environment; it's everything because that's how all of our users access everything.

Microsoft Entra ID's integration capabilities influence our zero trust model philosophy heavily because it handles everything. Our organization's approach to defending against token threats and the efficiency of its actions has been pretty consistent since implementing Microsoft Entra ID.

We perform Microsoft Entra ID protection, and we use all of their identity and sign-in risk capabilities to help us determine what's suspicious activity, and then autonomously, they're blocking it or requiring some extra method of authentication to verify that it is someone legitimate.

The peace of mind from a security perspective and knowing that we have all the data that we need to, along with the assurance that people are only accessing resources when they need to and where they are, is everything.

I would appreciate seeing provisioning with HR systems improve in Microsoft Entra ID because they have capabilities out of the box for Workday and Bamboo, but we don't use those. Making the streamlined process of being IT hands-off whenever HR does their thing, and it just automatically populates would be ideal. We've built something ourselves, but it's a lot of maintenance to keep up with it, and it's not ideal to have to manage everything ourselves.

I've been using Microsoft Entra ID for all six years.

I assess the stability and reliability of Microsoft Entra ID as good; it very rarely goes down. I haven't experienced any downtime, crashes, or performance issues with Microsoft Entra ID.

Microsoft Entra ID scales well with the growing needs of our organization; there are no scalability issues. I have not expanded usage of Microsoft Entra ID.

On a scale from one to ten, I would rate my customer service and technical support as good, at a seven or eight. I give it a seven or eight because the people that I deal with are knowledgeable; obviously, it's a complicated platform, so not everyone's going to know everything, so you can't really give them a ten out of ten. For the vast majority of issues, we can get answers to whatever we need to. I don't have any negative issues to evaluate regarding my customer service and technical support experience.

Positive

Prior to adopting Microsoft Entra ID, I wasn't using another solution to address similar needs.

My experience with deploying Microsoft Entra ID is that it was easy; Microsoft makes it so that it pretty much does it itself, so there's really not much that you have to do. The deployment of Microsoft Entra ID was easy, as it comes with your 365 tenant, so there's not much that you have to do.

I have seen a return on investment with Microsoft Entra ID at 100 percent.

My experience with pricing, setup cost, and licensing regarding Microsoft Entra ID is that it's just our regular Microsoft licensing, so we don't really license Entra directly; we just get it as a part of the product suite that we receive.

We didn't consider other solutions before selecting Microsoft Entra ID; it was a clear choice.

I think we've actually had more identity-related security incidents since implementing Microsoft Entra ID, but I don't think that's because more issues are actually happening; we just have better insight on compromises and we're able to act on matters better. I don't think we're aware of more, so it makes it look as though that's happening more, but it's primarily increased visibility.

The implementation of device-bound passkeys in Microsoft Authenticator has been good; it's pretty easy for the users to employ. We're not doing hard passkeys, but some people have started adopting the Authenticator passkeys, and they work well. We mostly use the Authenticator application, and no one has any complaints.

The real challenge I face is the sync between objects and getting that set up, but once that's established, it's pretty self-running, and you don't really have to do anything with it.

My advice to another organization considering using Microsoft Entra ID is that if you're using any other part of the Microsoft tech stack, there's really no reason for you not to. I would rate this product a ten out of ten overall.

Public Cloud

Microsoft Azure

My primary use case for Microsoft Entra ID is service principal management for API access and infrastructure access to Azure and similar systems. We also use it for single sign-on into some applications, such as SAML and OIDC applications.

The features of Microsoft Entra ID that I find most valuable include the ability to define service principles and assign permissions. This aspect is valuable but also difficult to manage. This is because it gives teams permission to self-service and access the infrastructure. We can assign fine-grained permissions, so there is a proliferation of service principles. There are many of them, making it difficult for us to streamline management.

Joining devices with Entra ID and the integration of Intune is cool. It's an easy integration. We use a different MDM, but we are looking into Intune integration. If that works, things will be simple for us.

It is difficult to manage Microsoft Entra ID because we did not lock it down initially, which meant that by default, any user with an account into Microsoft Entra ID could provision permissions for themselves and access Azure infrastructure. We discovered later that we needed to lock it down, resulting in close to a million service principals due to knowledge gaps within our team. 

With our integration of Microsoft Entra ID and federation to Okta, our identity provider, there is now a lot of overlapping functionality. However, to support different operating systems for our use case, we still use Okta. The issue arises when authenticating apps through Okta; it sees authentication requests from the Office 365 umbrella of apps without identifying the specific app. Moreover, there is a persistent token involved when logging in through Microsoft Entra ID, which prevents redirection to the identity provider for authentication, leading to certain limitations.

Their support needs improvement. The UI can also be better. The menu options are very confusing at times. Coming from a different product, which is very similar, it's not intuitive. The UI isn't great. It doesn't look modern at all. The UI could look a lot different. It can be more snappy and more intuitive.

I have been using Microsoft Entra ID for approximately four to five years.

The stability and reliability of Microsoft Entra ID are satisfactory. We have a stage environment, and although the UI appears quite slow, there are no issues with downtime.

Microsoft Entra ID scales effectively with the growing needs of our organization, as we have never faced any challenges with its scalability.

We have about 40,000 users and a lot of AD groups. 

I would evaluate Microsoft support as three out of ten. Microsoft support does not engage right away. They usually try to deflect, buy time, and often do not address the problem immediately. They tend to take excessive time and pin the blame on other components or products involved. We have had notoriously bad experiences with Microsoft support, with cases remaining open for extended periods, leading us to sometimes give up and seek solutions ourselves.

Negative

We also use Okta as our IDP. We have had it for a long time. 

Microsoft started adding more and more features to Azure AD, then it became Entra ID, but it is not our default IDP. There is not a huge difference between them, but Okta support is great because they are a much smaller company compared to Microsoft. They are much more responsive. Their support is definitely way better than Microsoft's support.

I didn't do the deployment. Another team did it. I guess it was easy. 

We have a hybrid setup. Our AD is on-prem.

We have not yet seen an ROI. We are yet to properly leverage Entra ID features. We can't fully blame Microsoft there, but there are definitely some integration pain points.

We have not looked into any other identity solutions.

I would rate Microsoft Entra ID a seven out of ten. It can play well with other products. The integrations can be simple, and the UI can be better.