From the course: Microsoft Entra ID: Basics

Identity and access

From the course: Microsoft Entra ID: Basics

Start my 1-month free trial

Identity and access

- [Instructor] Welcome to the next chapter, Azure Active Directory Fundamentals. In this chapter, we'll learn about the core components of Azure AD, why they are needed and understand what they exactly do in terms of functionality. I'm really excited about this chapter, because there's so much awesome stuff coming your way. Imagine that you are traveling internationally for business. What is the first piece of documentation you'll need to be able to do that? Well a passport, which will be used by the airport authorities to validate your identity. After that, you'll be in flight for a few hours and then land. At the destination airport, along with your passport, which will be used by the immigration officers to determine your level of access in their country, basically the purpose of visit, either transit, tourism, business, or employment. Now what would happen, if anybody could just fly to any place they want without a proper passport, or visa? That could lead to potentially disastrous circumstances. So you realize how vital identity and access is. That is true not just for aviation, but also enterprise organizations. Its implementation is a little different though, but the concept is essentially the same. If we compare them, instead of a passport for identity, we have credentials for authentication. Instead of a visa for access, we have permissions for authorization. Instead of a boarding pass for the trip, we create a sign-in session using cookies. There the safety of the people is at risk, and here the security of the company resources is at stake. You can't travel anywhere internationally without fulfilling the passport and visa requirements. And ideally, you shouldn't be able to traverse the corporate network without proper authentication and authorization as well, because it's the first barrier in protecting privileged resources. But unfortunately, sometimes people with bad intentions circumvent their way around these measures, get unauthorized access and cause damage. That's where Azure AD comes to the rescue. Its ultimate job is to minimize, or eliminate such threats, by providing administrators, like us, with sophisticated tools for identity and access management.

Contents