Microsoft Entra ID Reviews

I have demo tenants where I test lots of features, such as creating test accounts and managing permissions.

Many organizations are shifting to a zero-trust model where nothing is trusted by default, and we explicitly add permissions as needed. Entra has some of those metrics, like risky sign-on. You can set up conditional access policies to ensure users can't access it from unknown locations. 

I can look at the logs to see how often my users are flagged as risky and fine-tune my policies to balance usability and security. The biggest implementation barrier with many test accounts is ensuring passwords aren't shared. Using MFA has also helped us ensure the test account is mapped to a single person. 

A lot of these features from Entra ID were implemented in our tenants. The biggest issue we've seen is that these passwords are leaked because someone shared them in a group when they were not supposed to. I think a lot of the policies that Entra has introduced lately around condition access for access management have helped us mitigate that.

I like how Entra allows you to upload a CSV file with user details for bulk user creation. This is useful for automation. Entra has made it easy to manage identity and access by integrating with all Microsoft services. Everything is managed in a single place, eliminating the need for another application.

It was super easy to understand how the basic functions work. The documentation on learn.Microsoft.com was sufficient to get most tasks done. 

The device-bound IDs in Microsoft Authenticator help us fight phishing, which is traditionally made possible by individual passwords. With passkeys, we eliminated the need for passwords to be stored and remembered. These test accounts aren't used daily, so people write the passwords down, and it's insecure. These phishing-resistant ensure we mitigate those risks. 

We've become more aware of token theft and state attacks. For example, if the demo tenant can access our internal resources and code still in development, we ensure that all these user IDs are authenticated. Entra can delegate and control access to apps, helping to close those attack vectors. 

Entra could be improved by enhancing self-service options for end users, such as making password reset options more accessible. This would simplify the user experience for end users.

I have used Entra ID for about a year.

For both the stability and scalability, it's pretty good. I've never had any issues with users trying to log in.

Both the stability and scalability of Microsoft Entra ID are pretty good with no reported login issues.

We have not needed to contact customer service due to sufficient public documentation. This suggests good technical support.

Positive

We used Keycloak for access management and single sign-on and some of the AWS native IAM solutions. Keycloak is open-source, so it's vendor-agnostic and can be integrated with any custom app you build, whereas you run into vendor lock-in with Entra. However, Entra is natively integrated with all Microsoft products, and we've migrated to using an exclusively Microsoft ecosystem. 

The documentation on Microsoft's website was sufficient to understand the setup for basic functions, making the initial setup straightforward.

We did everything in-house without involving any integrator, reseller, or consultant.

Entra is bundled with every new tenant you set up on Azure, so we don't need to pay for extra solutions to manage the fundamental aspects of user management and accounts.

I rate Microsoft Entra ID nine out of 10. It fits my purpose perfectly, and I seldom need to search for alternatives due to its comprehensive functionality.

Hybrid Cloud

Other

We primarily use Microsoft Entra ID in hybrid scenarios where we are undergoing digital transformation. We had on-premises Active Directory that we transitioned to Entra on the cloud, enabling users to authenticate with their regular credentials.

We have a complex scenario with several applications, and we're trying to achieve SSO for most of our applications, but some of our legacy applications don't support SSO or modern protocols. Our core applications are ready for SSO or to be federated. We've centralized our authentication process using Entra ID, so we can collect sign-offs from the users and filter using conditional access. 

Our identity solutions are mature because we started with FIDO and YubiKeys. It's easier to implement now that we aren't sticking to a device. We aren't increasing our costs to add another asset to the user that we can use on their mobile phone. Technologically, FIDO is excellent, but Microsoft Authenticator is even better. 

Entra ID is integrated with Sentinel. It's ingesting logs from Entra ID, and we have playbooks to mitigate any identity-based risks. We could figure out our authentication flows and detect any misbehavior through integration with Sentinel. Entra ID enriches this process with logs, sign-outs, and remediation information.

We have an internal strategy for leveraging all Microsoft solutions. We avoid bringing in third-party applications to solve some gaps and try to address everything exclusively within Microsoft. Microsoft is the only vendor that can deliver the full lifecycle in one solution.

We are always working with cutting-edge solutions. For instance, we were struggling with Zoho support for SSO, and now we no longer use this domain. We are selling commercial vehicles, so it matters how reliable and trustworthy we are. No one wants to buy something from a company that doesn't protect customer data. We need something that makes an attacker's life harder. 

With Entra, we can provide a safe environment where we don't need to rely on users to secure their environment. We have plenty of security pillars to protect the company internally and externally. Using a zero-trust strategy, we reduced the differences between users, enabling safe navigation and asset use.

In my opinion, Microsoft sometimes releases products too early without providing enough documentation. Our team works with innovative solutions like verified ID, identity governance ,and lifecycle workflow.

When we started with lifecycle workflows, we had only two integrated worklows. Still, we couldn't find much of the information we needed in the documentation about our use case or how to leverage IDs in our proof of concept. 

Entra constantly releases new features, and other companies are releasing products at the same pace as Microsoft, so it's trickier. We started implementing a product called Next Identity that provides modern authentication methods like FIDO and push notifications. In 2023, we couldn't see how verified ID would help us. Now, verified ID has been integrated, and we can realize it, but at the time, we couldn't.

I have been using Entra ID for almost three years.

The solution is robust and stable, though we acknowledge the risk of potential backend outages from Microsoft, which could affect us significantly.

The solution is really scalable. We manage more than 100,000 devices and 300,000 user objects in Entra, indicating a high level of scalability in our environment.

We have always worked with Microsoft. Initially, we operated using on-premises Active Directory until we moved to Microsoft 365 and started using Azure AD at that time. Our parent company requires us to use Microsoft, but Entra is a core solution. 

The initial setup involved syncing our identities to the cloud and building a robust tenant as part of the company group. We adhere to a strict blueprint requiring the use of Microsoft solutions.

We have an internal hub in Lisbon focused on innovation and implementing solutions like Verified ID and identity governance.

I rate Microsoft Entra ID nine out of 10. 

Hybrid Cloud

Microsoft Azure

I am currently using Microsoft Entra ID and have been working as a user and administrator for nearly two years. It serves as an ID management tool which used to be called Active Directory on on-prem servers. With the transition to the cloud, it became Microsoft Entra ID.

The features I find most useful in Microsoft Entra ID include sign-in logs, device management, and application registration. With the Entra ID dashboard, I can access logs easily without needing to remote into servers. This tool is excellent for integrating third-party applications through application registration, making it easy to configure for single sign-on seamlessly. It supports conditional access across various Microsoft applications, enhancing secure access.

There should be guidance on features, especially security features, in Entra ID and whether they are sufficient on their own. The solution could become expensive when paying extra for enhanced security features, so Microsoft needs to offer better clarity on this matter.

I have been using Microsoft Entra ID for almost two years.

In terms of stability, I can say it is ninety-nine percent stable. The remaining one percent instability is mainly due to the hybrid setup.

I have no complaints regarding scalability for Microsoft Entra ID.

The customer service and support are excellent. I experienced a fast resolution within half an hour for an issue by the first line engineer on a Severity A case, which shows support is very good even with minimal licenses.

Neutral

I am not aware of the solutions used prior to Microsoft Entra ID, as I have been involved for the last two years only.

Since it is a SaaS model, everything is set up, and I just need to configure it according to my needs.

We did not require any integrator, reseller, or consultant for the deployment as we managed it internally, using Microsoft's extensive documentation for guidance.

Microsoft Entra ID is reportedly quite expensive for each user regarding security features. The renewal cost is particularly high according to the teams managing purchases.

I have only been involved with Microsoft Entra ID and am aware of another identity management solution called NetIQ, but Microsoft Entra ID is prioritized.

Users should prepare technically before using Microsoft Entra ID, especially in understanding ID management and security integration with applications. Microsoft Entra ID is regarded as the best ID management suite for integrating applications using SAML 2.0 for single sign-on. My total rating for Microsoft Entra ID is nine out of 10.

Hybrid Cloud

Other

Our primary use case for Microsoft Entra ID is mainly for single sign-on (SSO). We use it to log into other cloud-based applications. We have an internal sync from Active Directory to Microsoft Entra ID. Whenever an account is created in Active Directory, we immediately create an account in Microsoft Entra ID to automatically grant access to cloud-based applications. Some roles are assigned based on Microsoft Entra ID data.

Microsoft Entra ID's ability to extend and divide multiple applications based on requirements is valuable. It allows easy integration with One Identity and enables effective application management. The security configuration is straightforward and limits access to admin only, ensuring data integrity. Microsoft Entra ID enhances the Zero Trust model by providing simple integration and dedicated permissions for each application. Its features like token replay detection, attack-in-the-middle detection, and especially verify threat actor IP have been impactful in defending against threats.

I suggest improving the connector part. For technical users like me, it is manageable, but having comprehensive documentation for those who aren't familiar with the system would be beneficial. Additionally, synchronization issues occasionally occur, making it challenging to analyze logs and pinpoint the exact problem. Providing more detailed log information for synchronization failures would be helpful.

I have been working with Microsoft Entra ID for approximately six years.

I encountered no issues with the deployment of Microsoft Entra ID.

I find the stability of Microsoft Entra ID to be excellent. I would rate it a ten out of ten.

In terms of scalability, I would rate Microsoft Entra ID a nine out of ten.

I rate Azure Technical Support a nine out of ten. Whenever we require support, we receive it promptly.

Positive

I have primarily used Microsoft Entra ID. In various projects, we consistently used it and didn't switch to other solutions.

The initial setup of Microsoft Entra ID was simple.

We used an out-of-the-box connector available in One Identity management for connecting processes. It's easily available for configuration, and we customize it as per requirements.

The pricing for the setup and the cost overall is reasonable. I would rate the pricing nine out of ten, as per today's market.

Based on my experience, I would rate Microsoft Entra ID a ten out of ten. Setting up Microsoft Entra ID was simple. In terms of company size, I recommend it for enterprise-level companies. I find the overall pricing to be average but reasonable. As a real user of Microsoft Entra ID, I am not affiliated with the vendor or partners.

Hybrid Cloud

Other

We use Entra ID for single sign-on to all of our internal IT systems and public SaaS offerings within the company.

Entra ID streamlines permission management and authentication for most systems. It also unifies IDs, simplifies IT operations internally, and enhances security by enforcing a better security posture across the organization.

We like the ease of app registrations and single sign-on with Entra ID. It offers an easy way to add multi-factor authentication to nearly any application and system. 

We've used it within AKS clusters to do pod identities. That has greatly reduced the number of static credentials we have running around and drastically improved our security. Combining Entra ID with the amazing work of our AKS team has enabled us to shrink the blast radius of credentials given to applications instead of only at the node level. This has allowed us to scope down permissions to an application level instead of the Kubernetes cluster, making it more secure and much closer to a full zero-trust solution.

Entra has helped us fight token theft. We almost always use short-lived tokens, which help us address many of these challenges. They still exist for certain use cases, but they've been drastically reduced due to our ability to use short-lived tokens.

We have never had an identity-related attack because we're lucky. However, that's just a matter of time until we do in this industry. Not having them before does not mean that we're not better protected now

The automation aspects of Entra ID could be improved, particularly when automating through different providers and SDKs. It's somewhat clunky to automate ID management, but it's great once it's set up. I would also like to see better Terraform support. 

I have used Entra ID for the last three years.

The stability has been great. I haven't had any issues.

The scalability is great. I've hit no issues in terms of scalability.

I rate Microsoft support 10 out of 10. Microsoft customer service is the best in the industry. There are immediate answers to any issues that arise with great knowledge and a deep understanding of the product and business needs.

Positive

I've used multiple solutions in the past, including Google authentication and Okta. I switched mostly to consolidate and for a better feature set that integrated better with the rest of our Microsoft products.

The setup is one of the easiest I've seen in the industry. It's very easy to onboard.

We used ourselves since we're an integration company.

We have seen a return on investment. We already have Entra ID, and like many customers, we haven't used it to its fullest potential. We get a return from not needing to pay other vendors to do what we already had from Microsoft, which was better than the competition.

We evaluated Workspace ONE, Google, and Okta before switching.

I rate Microsoft Entra ID nine out of 10. Without good Terraform support, it will stay below a 10, but everything else is so great.

We use Microsoft Entra ID for multi-factor authentication (MFA) and users logging in for any Microsoft applications, especially for Microsoft 365.

Microsoft Entra ID has helped make our company more secure. Conditional access policies have assisted our users in logging in from various locations, not just on-premises.

Microsoft Entra ID makes the apps or resources in our environment more secure, especially with conditional access policies.

We use the cloud sync, so we can sync up with our Active Directory user accounts with the on-premise AD. There is a single password for the user, so we can put all the policy requirements and password complexities around it. It helps when the user does not have all these separate passwords, and we can make passwords more complex for better security.

We have not used the device-bound passkeys, but the Microsoft Authenticator app has helped a lot in terms of proving that the users are who they say they are, helping with the MFA authentication. It is a pretty easy-to-use app, especially with the number verification. It provides an extra later when someone is not just accepting an MFA prompt on their phone in the middle of the night.

Microsoft Entra ID has helped us defend against token theft and nation-state attacks. We were at more risk without it. It has helped us to better secure our environment and our users.

When we implemented it many moons ago, it increased our incidents, but Microsoft has gotten a lot better and the incident count has dropped dramatically. When you put in your users' ability to log into the cloud, if anyone has an email address of a user, they can just go to Microsoft.com and try to log in. That increases incidents, but the MFA and contextual policies help reduce the incident count.

I find the conditional access policies to be the most valuable. They provide a lot of granularity in determining where the users can log in from, how they log in, and what they have access to.

Having a little bit more logging would be beneficial. Better user sign-in logging is needed. We work with Okta, and the two of them do not always work well together. We can have more insight into some of the user information and how it interacts.

I have been using Microsoft Entra ID for about six years.

Microsoft Entra ID is a stable solution. We rarely had significant problems or crashes. We have had very few issues over the years.

We have never had any issues with the scalability of Microsoft Entra ID.

I would rate their technical support a six out of ten. It requires starting at the bottom and working our way up, which is time-consuming. The tech support model or the person we are working with is not always knowledgeable to the level we need help. 

Before we call support, we would have already exhausted many possibilities. Having to start at the bottom and go through it all over again is frustrating because time is very critical. When working with support, it can be frustrating because we have to go over things that we have already tried to resolve.

The time they take to get back to us is also sometimes longer. They have their SLAs, but when you are back and forth with the rep, it sometimes takes a lot of time.

Neutral

We were a Novell shop before migrating to Microsoft. The decision to migrate happened many years ago before my time at the company.

We have a hybrid setup. We had a partner to help us. It was fairly easy. I have since done smaller implementations on my own, and it is fairly straightforward and easy.

Our partner had an implementation strategy for us. We worked with them to implement the solution.

Our implementation team was assisted by a partner named Araya. Working with them was a good experience. We were able to get everything migrated and launched in Microsoft Azure. Overall, it was a good experience, enabling us to launch in Microsoft Azure successfully.

I would rate Microsoft Entra ID a nine out of ten. You have to do a lot to get a ten.

Public Cloud

Microsoft Azure

At first, we used Entra for Single Sign-On (SSO) purposes, but there are multiple use cases. It is the backbone of managing identities and access to Microsoft 365, for which we have licenses. We were also using it for SSO authentication for third-party applications.

We do not use Microsoft Authenticator. We use ADFS, which is federated with Entra, and we are integrated into that, so we do not use Microsoft Authenticator except for admin accounts.

Entra has had a positive impact by enabling us to synchronize the IDs from on-prem to Entra ID and grant access to applications based on those users and their groups. 

The identity and access management piece is probably the most valuable to us. Since its implementation, synchronizing the identities from on-premise to Entra ID has had a positive impact. This allows us to grant access to applications based on those users and the groups they belong to. 

The conditional access policies are helpful. They let you control access based on what devices they connect from. The conditional access policies prevent people from accessing our environment from outside our domain or non-company computers. We've relied on the verified threat actor feature to identify whether it's a real user or a bad actor based on the source.

The area that needs improvement is integrating IDs between multiple environments and forests. In our case, it's hard to get the identities from multiple forests into one location. This is probably our biggest challenge.

I've used Entra for about eight years since we opened our commercial cloud.

I haven't had any issues with the virtual machine, so it is stable.

It's been great. We have the upgrade support package, but actually, most of the built-in support is the best.

Neutral

We previously used ADFS and switched mainly because of our licensing model and to gain access to Microsoft 365. So it just became an extension of it.

Ultimately, it's the base setup for everything. It's Microsoft 365, so it's a required piece. It's hard to quantify our ROI because it's just something we need. 

I rate Entra ID seven out of 10 because it's hard to have a single tie to integrate all identities within our core curriculum due to multiple forests.

Public Cloud

Our primary use case is for identity platform and security platform, mainly for multi-factor authentication (MFA), to make all access to our enterprise applications unified for each user.

Our most valuable features are conditional access and Azure application proxy. The passkeys are a significant improvement, giving us the most phishing-resistant MFA.

Entra allows us to provide access to more users without a VPN, especially for our web-based platforms, which are published with the application proxy and MFA. Reducing VPN usage has been beneficial for us. The ability to offer employees access to any platform, including private PCs and tablets, has been a game-changer.

Private access and internet access should be available in a less expensive licensing model.

I was using Active Directory for more than 10 years before we switched to Entra ID.

We have experienced no problems with stability. We have had full uptime at all times.

Entra is a cloud solution, so scalability is not a problem for us.

The technical support has its downsides and upsides. While they are fast, it can take time to get the right person because there are many steps to reach the appropriate team member at Microsoft support, which can be somewhat annoying.

Neutral

We started with Office 365, so there was a clear statement that we would be using this solution.

The initial setup was prompted by the COVID pandemic and was executed as a big bang.

We only used Microsoft with direct workshops, and all the specialists had their work done well.

We are an enterprise customer with an enterprise agreement in place with many of our partner companies, so there are no special questions or issues about pricing, setup cost, or licensing.

I rate Entra ID 10 out of 10. We are fully satisfied. It's a seamless transition from Active Directory. There is no steep learning curve, and our knowledge from Active Directory allows for a fast ramp-up.

Public Cloud

Microsoft Azure