Microsoft Entra ID Reviews

My job is to manage APIs on the enterprise end. We use Entra ID to limit contact with the end of the portal as much as possible. We have a lot of permissions that we don't want people to have, or we provide them with managed access. We also use Entra to manage application access. It tends to be blanket permissions, allowing an application total access.

Microsoft Entra ID drives our login and security perimeter, which is crucial for our organization. It has helped us implement multifactor authentication for most of our users despite the legacy systems in place. 

It is essential for supporting our aspiration towards a zero-trust model. It's driving our ambition to get serious about zero trust. We still have a lot of legacy systems that require support. 

Entra handles all the anti-phishing capabilities, and it's also helped us implement passwordless sign-in functionality. Now that we have MFA requirements and stuff like that, we're seeing identities flagged as risky because people are traveling. Sometimes people misuse credentials. It may not be malignant, but a group of people might share credentials. 

Delegated permissions and federated credentials are valuable features of Entra ID. We aim for a more secure environment by pushing for minimal use of static secrets. By utilizing delegated permissions, workflows can manage access, and federated credentials allow integration with platforms like GitHub and AWS. Entra ID drives our login and security perimeter, helping with multifactor authentication, despite the legacy systems.

Entra ID needs to improve its application credentials and use of ID permissions. There are challenges with the management layer. We want to create access down to the Graph level while invoking some management logic. That also means that if an application comes in, we cannot send that to the Graph because we would need an ID on behalf of the cloud hook. 

We have to switch contexts and do a lot of custom security checking. Does this application have permission to change these objects? If it does, then we can use our CNC powered by NMC. It botches our entire audit log so we can return to our service log and correct it rather than have it all in the old cloud. That's annoying. 

We also hit a problem with the federated credentials. Every hour, it exchanges a set of credentials from another IDP. For example, if I have a token from GitHub, I can exchange that for an application identity in NFT, which is awesome when you're doing GitHub workflows. However, because we have more than one tenant, we might need to access resources from one tenant to another. 

We do managed identities and federate to get a token and then assume an identity in the other tenant with that token. But for some reason, Microsoft has excluded all of their own IDP endpoints. Everything else is good to go, but if you come with a Microsoft token, you cannot use it. 

I have been using Microsoft Entra ID for the last two to three years.

I've had no issues with Entra ID. The portal could be slow now and then, but we don't have problems with the platform itself.

We have not observed any major scalability issues. However, when dealing with tens of thousands of objects, it requires proper management and best practices to retrieve only necessary data.

We rarely use customer service because we act as tech support. The few cases we have raised received decent support. 

We previously used Active Directory. While we haven't fully transitioned, we still source users from Active Directory but draw identities into Microsoft EntraID.

The decision to switch was made before I joined the team, so I'm not in a position to discuss ROI specifically. However, Microsoft EntraID is an integral part of our operations.

We face pricing challenges with newer licenses, as newer features often require them. This results in additional expenses for accessing new functionalities.

I rate Microsoft Entra ID seven out of 10. While it's an excellent standard for user sign-in, its open application model and security limitations lower my rating.

My main use case for Microsoft Entra ID is identity, and my organization performs many migrations, such as Office 365 migrations. This involves establishing an identity in the cloud, securing the identity with multi-factor authentication, and then onboarding it with SSO apps.

My favorite feature about Microsoft Entra ID is passwordless authentication because it makes the process easy.

The impact of Microsoft Entra ID on my company is significant because we are an MSP that resells IT services, and it serves as the foundation for all of our services, including single sign-on to all of our apps and to the customer's apps.

In the next generation of Microsoft Entra ID, I would appreciate improvements to consolidations for M&A activities. We perform many M&A migrations, and it would be beneficial to transfer identities from different tenants. While Microsoft has streamlined Exchange and SharePoint data, it would be helpful to have the ability to move identities between tenants if possible.

I have been using Microsoft Entra ID since it started, approximately eight years ago.

I have experienced some stability and reliability issues with Microsoft Entra ID, as there was recently a major outage that affected everyone. However, overall it has been quite solid.

I have used customer service for Microsoft Entra ID at some point. Although we have premier support and open cases, we are at the mercy of Microsoft. Customer service has been inconsistent for us, and we usually have to escalate issues. We typically resolve the problem before Microsoft can respond to us, so the service has not been very useful. We pay significant money for our support and do not receive a good return on investment.

Neutral

I have seen a return on investment from having Microsoft Entra ID.

My experience with the pricing, setup cost, and licensing of Microsoft Entra ID includes different tiers: Plan 1, Plan 2, and the Entra suite. I am quite familiar with these options.

I did not consider another product before selecting Microsoft Entra ID because it is the industry leader. We already use Microsoft products, so standardizing on Microsoft Entra ID was the logical choice.

Since implementing Microsoft Entra ID, I see more visibility in identity-related security incidents.

The integration capabilities of Microsoft Entra ID influence my Zero Trust model as it serves as the foundation for identity security.

I would rate this product 10 out of 10.

My main use cases for Microsoft Entra ID are to log in to Azure and also to log in our apps to Azure.

The feature of managing the users in Microsoft Entra ID is what I like the most.

The implementation of Microsoft Entra ID has made my secure access to apps or resources in my environment more seamless.

The integration capabilities of Microsoft Entra ID have influenced my zero-trust model by providing more granularity or control in the access that we are giving to users.

Microsoft Entra ID has benefited my organization through better management of the users and then more seamless connectivity.

I haven't thought of any specific improvements or additional features that should be included in the next release of Microsoft Entra ID.

I have been using Microsoft Entra ID for two years.

I am not sure how to assess the stability and reliability of Microsoft Entra ID as I haven't experienced any downtime, crashes, or performance issues.

Microsoft Entra ID scales well with my growing needs because the management of users is essential for our company as we are growing.

I don't really have any experience to rate customer service and technical support in Microsoft Entra ID.

I didn't have direct experience with the technical support of Microsoft Entra ID.

Positive

Prior to adopting Microsoft Entra ID, I think we didn't have Microsoft Entra ID and were mainly using password-based systems, for example.

I don't have direct experience with deploying Microsoft Entra ID.

I have seen a return on investment with Microsoft Entra ID.

I am not able to share any data points or examples of the return on investment.

I have no visibility on the pricing, setup cost, and licensing of Microsoft Entra ID.

I have no idea what other solutions were considered before selecting Microsoft Entra ID.

Since implementing Microsoft Entra ID, I have observed not much change in the frequency and nature of identity-related security incidents in the organization.

My organization's approach to defending against token theft from nation-state attacks has changed since implementing Microsoft Entra ID.

I haven't noticed any incidents at all related to token theft.

The implementation of the device-bound passkeys in Microsoft Authenticator has affected my organization's approach to phishing resistance by adding more steps in the authentication, which has helped in improving the security of our applications.

I am not sure if we have expanded usage of Microsoft Entra ID.

I would rate Microsoft Entra ID an eight based on some experiences, such as asking for repetitive connectivity and on the confirmation or verification, but I think the rest are good.

The advice I would give to an organization considering Microsoft Entra ID is that it depends on the organization's need; if they are growing and they need more governance, then they should have Microsoft Entra ID. I would rate this product an eight out of ten overall.

I use Microsoft Entra ID to manage the identities of production and creating groups, as well as to enable multi-factor authentication for users. Other use cases include looking at devices that are linked to users.

Microsoft Entra ID is pretty user-friendly and intuitive. The graphics are particularly useful when it comes to the auditing part. I saw the benefits of Microsoft Entra ID immediately after I started using it.

I would appreciate it if they linked the Microsoft Entra ID platform with other 365 platforms, such as the governance of Power BI or the security for the App Center. That would be very useful since we have many platforms related to Microsoft 365. We need to have a link or different profiles for managing through Microsoft Entra ID, which is the main platform.

I have been using Microsoft Entra ID for four years.

I would rate the stability of Microsoft Entra ID a nine out of ten.

I would rate the scalability for Microsoft Entra ID an eight out of ten.

I have contacted technical support for Microsoft Entra ID. The quality of support is regular. If you contact Microsoft support directly for Microsoft Entra ID, it's faster, but when you do it through a partner, it takes more time.

Neutral

I have not used any alternatives to Microsoft Entra ID in my career.

I wasn't in the company when Microsoft Entra ID was deployed. I started when it was already deployed. I know that the deployment of Microsoft Entra ID is pretty easy because we can do it with AD Connect.

It took me two weeks to learn how to use it. I would rate it a six out of ten in terms of the learning curve.

Its maintenance is taken care of by Microsoft. 

My advice for new users on how to start with Microsoft Entra ID is to take the Azure fundamentals certification AC-900, which gives you much insight, as well as the AC-500 for identity. 

I would rate Microsoft Entra ID as eight out of ten.

Our primary use case for the solution is building solutions using all Microsoft services, including migration projects, service provider roles, developer solutions, AI solutions, and ETL solutions for all those things, where we will use Microsoft services.

Recently, I did a migration project, which involved migrating from Microsoft Dynamics using ETL, for which I have used Microsoft Entra ID for app registration and API authentication. From Microsoft Dynamics 365, I want to connect to Microsoft services, and I perform the authentication and app registration and user login; I have used all these functions in Microsoft Entra ID.

The implementation of Microsoft Entra ID has impacted my secure access to apps or resources in my environment because it made it easier. For example, if I need to access a Key Vault and don't want to access it directly, I can use Microsoft Entra ID, and I can set all the policies there and use the Key Vault values.

These features are beneficial and valuable because they can be used to connect with third-party services and Microsoft services.

Since implementing Microsoft Entra ID, I've observed changes in the frequency and nature of identity-related security incidents. In app registration for a recent project, my Microsoft Dynamics 365 enterprise application is not visible. We need to add that app through client; we need to use AZ client, and there we need to add the ID, and it is not showing in the UI. This could be improved.

I have been using Microsoft Entra ID for almost five years.

The Microsoft Entra integration capabilities have not influenced my zero trust model in any way.

I have been dealing with Microsoft Entra ID, which is not as an Azure product, since 2000. So, twenty-five years now. It is now known as Microsoft Entra ID.

Microsoft Entra ID is built on a robust database infrastructure for finding objects with specific capabilities, be they users, computers, members of a company, machines, or whatever else. It historically stems from the X.500 system, developed for efficiently finding specialists, as demonstrated with the Apollo project. This historical foundation underpins its effective directory services in the modern context.

Currently, Microsoft Entra ID is a pretty service. It could benefit from implementing a specific large language model instead of LDAP queries to find resources and implementation details in one comprehensive scoop. This could replace existing document references with AI-driven support for faster implementation.

I have been dealing with Microsoft Entra ID since 2000, which is now rebranded to Entra ID as a Software as a Service product of Active Directory.

The infrastructure of Microsoft Entra ID scales to register and manage various resources, including large-scale directory services for users, computers, machines, etc.

I find the support excellent. If I have an investigation and I am not progressing well, contacting support results in responses within one or two days, usually with competent people. Because it takes some time, I rate it a nine out of ten.

Positive

There are different licenses with various capabilities, as with any service Microsoft offers. Microsoft sets pricing based on customer demand, adjusting to find the optimal balance between sales volume and profit per unit, similar to how Costco manages product prices.

I rate Microsoft Entra ID ten out of ten. It can be improved with large language models for better usability, but currently, it is quite efficient. Microsoft CEO Satya Nadella suggested transitioning all Software as a Service systems to agent-based large language model solutions, which seems promising. I am willing to be a reference for Microsoft and I am open to receiving contact from people with questions about my review. The solution is rated ten out of ten.

I have demo tenants where I test lots of features, such as creating test accounts and managing permissions.

Many organizations are shifting to a zero-trust model where nothing is trusted by default, and we explicitly add permissions as needed. Entra has some of those metrics, like risky sign-on. You can set up conditional access policies to ensure users can't access it from unknown locations. 

I can look at the logs to see how often my users are flagged as risky and fine-tune my policies to balance usability and security. The biggest implementation barrier with many test accounts is ensuring passwords aren't shared. Using MFA has also helped us ensure the test account is mapped to a single person. 

A lot of these features from Entra ID were implemented in our tenants. The biggest issue we've seen is that these passwords are leaked because someone shared them in a group when they were not supposed to. I think a lot of the policies that Entra has introduced lately around condition access for access management have helped us mitigate that.

I like how Entra allows you to upload a CSV file with user details for bulk user creation. This is useful for automation. Entra has made it easy to manage identity and access by integrating with all Microsoft services. Everything is managed in a single place, eliminating the need for another application.

It was super easy to understand how the basic functions work. The documentation on learn.Microsoft.com was sufficient to get most tasks done. 

The device-bound IDs in Microsoft Authenticator help us fight phishing, which is traditionally made possible by individual passwords. With passkeys, we eliminated the need for passwords to be stored and remembered. These test accounts aren't used daily, so people write the passwords down, and it's insecure. These phishing-resistant ensure we mitigate those risks. 

We've become more aware of token theft and state attacks. For example, if the demo tenant can access our internal resources and code still in development, we ensure that all these user IDs are authenticated. Entra can delegate and control access to apps, helping to close those attack vectors. 

Entra could be improved by enhancing self-service options for end users, such as making password reset options more accessible. This would simplify the user experience for end users.

I have used Entra ID for about a year.

For both the stability and scalability, it's pretty good. I've never had any issues with users trying to log in.

Both the stability and scalability of Microsoft Entra ID are pretty good with no reported login issues.

We have not needed to contact customer service due to sufficient public documentation. This suggests good technical support.

Positive

We used Keycloak for access management and single sign-on and some of the AWS native IAM solutions. Keycloak is open-source, so it's vendor-agnostic and can be integrated with any custom app you build, whereas you run into vendor lock-in with Entra. However, Entra is natively integrated with all Microsoft products, and we've migrated to using an exclusively Microsoft ecosystem. 

The documentation on Microsoft's website was sufficient to understand the setup for basic functions, making the initial setup straightforward.

We did everything in-house without involving any integrator, reseller, or consultant.

Entra is bundled with every new tenant you set up on Azure, so we don't need to pay for extra solutions to manage the fundamental aspects of user management and accounts.

I rate Microsoft Entra ID nine out of 10. It fits my purpose perfectly, and I seldom need to search for alternatives due to its comprehensive functionality.

We primarily use Microsoft Entra ID in hybrid scenarios where we are undergoing digital transformation. We had on-premises Active Directory that we transitioned to Entra on the cloud, enabling users to authenticate with their regular credentials.

We have a complex scenario with several applications, and we're trying to achieve SSO for most of our applications, but some of our legacy applications don't support SSO or modern protocols. Our core applications are ready for SSO or to be federated. We've centralized our authentication process using Entra ID, so we can collect sign-offs from the users and filter using conditional access. 

Our identity solutions are mature because we started with FIDO and YubiKeys. It's easier to implement now that we aren't sticking to a device. We aren't increasing our costs to add another asset to the user that we can use on their mobile phone. Technologically, FIDO is excellent, but Microsoft Authenticator is even better. 

Entra ID is integrated with Sentinel. It's ingesting logs from Entra ID, and we have playbooks to mitigate any identity-based risks. We could figure out our authentication flows and detect any misbehavior through integration with Sentinel. Entra ID enriches this process with logs, sign-outs, and remediation information.

We have an internal strategy for leveraging all Microsoft solutions. We avoid bringing in third-party applications to solve some gaps and try to address everything exclusively within Microsoft. Microsoft is the only vendor that can deliver the full lifecycle in one solution.

We are always working with cutting-edge solutions. For instance, we were struggling with Zoho support for SSO, and now we no longer use this domain. We are selling commercial vehicles, so it matters how reliable and trustworthy we are. No one wants to buy something from a company that doesn't protect customer data. We need something that makes an attacker's life harder. 

With Entra, we can provide a safe environment where we don't need to rely on users to secure their environment. We have plenty of security pillars to protect the company internally and externally. Using a zero-trust strategy, we reduced the differences between users, enabling safe navigation and asset use.

In my opinion, Microsoft sometimes releases products too early without providing enough documentation. Our team works with innovative solutions like verified ID, identity governance ,and lifecycle workflow.

When we started with lifecycle workflows, we had only two integrated worklows. Still, we couldn't find much of the information we needed in the documentation about our use case or how to leverage IDs in our proof of concept. 

Entra constantly releases new features, and other companies are releasing products at the same pace as Microsoft, so it's trickier. We started implementing a product called Next Identity that provides modern authentication methods like FIDO and push notifications. In 2023, we couldn't see how verified ID would help us. Now, verified ID has been integrated, and we can realize it, but at the time, we couldn't.

I have been using Entra ID for almost three years.

The solution is robust and stable, though we acknowledge the risk of potential backend outages from Microsoft, which could affect us significantly.

The solution is really scalable. We manage more than 100,000 devices and 300,000 user objects in Entra, indicating a high level of scalability in our environment.

We have always worked with Microsoft. Initially, we operated using on-premises Active Directory until we moved to Microsoft 365 and started using Azure AD at that time. Our parent company requires us to use Microsoft, but Entra is a core solution. 

The initial setup involved syncing our identities to the cloud and building a robust tenant as part of the company group. We adhere to a strict blueprint requiring the use of Microsoft solutions.

We have an internal hub in Lisbon focused on innovation and implementing solutions like Verified ID and identity governance.

I rate Microsoft Entra ID nine out of 10.