Microsoft Entra ID Reviews

The main use cases for Microsoft Entra ID in this company involve granting permissions across different Databricks workspaces or Synapse, and leveraging the same identity across Power BI integration and semantic models.

What I find most valuable about Microsoft Entra ID is centralizing identity. I think that's the power of this. I don't need to worry too much about how to set up the groups. I just need to get access and assign it to the correct place. Centralizing everything and making it more transparent for me while leveraging these groups and users in my applications represents the best difference.

The impact of Microsoft Entra ID on security is that it grants permissions to those who need to see the information. I think that's the main goal of Microsoft Entra ID features.

I'm not sure how Microsoft Entra ID's integration capabilities have influenced my zero-trust model. This one is hard to answer.

Since having Microsoft Entra ID, I have not observed any changes in the frequency and nature of identity-related security incidents in my company.

So far, I've never heard about token theft and nation-state attacks issues since implementing Microsoft Entra ID, but I hope to keep it this way.

I don't see any area of improvement for Microsoft Entra ID for my usage. I think it's perfect for me.

I'm not aware if Microsoft Entra ID could be cheaper, but if it can be cheaper, it's a good way to keep customers linked to it.

Usually when people talk about Azure, they talk about cost. I think Microsoft Entra ID is not as expensive as AWS, but cost is usually the main concern.

I have been using Microsoft Entra ID for a couple of years. Every company that I worked with had the previous Active Directory, now Microsoft Entra ID, so I'm using it for at least ten years. Most of the companies work with Azure.

I have never had any problems with the stability and reliability of Microsoft Entra ID. During the demo today, there was a gap between Microsoft Entra ID and the sync. However, this was the first time that I observed something of this nature. Before it, I never saw any problem.

Regarding scalability, Microsoft Entra ID has been able to scale to the workloads that my company needs. So far, that's the least critical concern about scaling. I think it performs very well. The company is pretty big with a few thousand employees, and it works very well, considering not only the users but the application IDs and other elements.

I think the customer service and technical support for Microsoft Entra ID are great. Every time that I had to get in contact with them, the answers are fast and they are very helpful in trying to solve the problem.

Positive

My company did not consider other tools before choosing Microsoft Entra ID.

With my experience, the deployment process for Microsoft Entra ID is pretty straightforward. Using Azure CLI, it's quite simple to make the assignments and everything else. I don't provision users; I just consume what is ready. So it's quite simple for me.

I guess the biggest return on investment for Microsoft Entra ID is linked with security. Security definitely helps protect the company image from leaking and from issues. I think when we put this on the table, I don't know if the cost to buy something of this nature matters too much because the impact is much more significant.

While using Microsoft Entra ID, we are not considering something else.

I think AI is also connected with Microsoft Entra ID. It acts on behalf of someone. All the features that I'm seeing in the event are already making transparent how AI is connecting or using the data and the artifacts around the cloud that is on behalf of someone. I think that's a great feature.

The implementation of device-bound passkeys in Microsoft Authenticator is a step forward to make things more secure and harder for someone with second intentions to go through your architecture and platform. I think this was an implementation to keep things more secure in general, and it definitely did.

My advice for other companies considering Microsoft Entra ID is that if you want to simplify your identity management and focus on your core business, Microsoft Entra ID is a good option. I would rate this product a nine out of ten.

Public Cloud

Microsoft Azure

My main use cases for Microsoft Entra ID include Azure App Registrations and management of third-party integrations into our M365 tenant.The implementation of Microsoft Entra ID has been pivotal for our secure access to apps or resources in our environment. We use Microsoft Entra ID to grant access for all external apps that want to connect into some type of data source in Office 365, so it has been crucial to be able to set those up and manage those.Microsoft Entra ID's integration capabilities have been the foundation for our Zero Trust model because my team only sets up integration and Azure App Registrations based on a request and we review them. Nothing gets access to any data or anything in our tenant unless we review it and approve it and configure it in Microsoft Entra ID.

The features of Microsoft Entra ID that I value the most include the governance tools around OAuth, Azure App Registrations, and the security tools that enable us to set those up and monitor those.The features of Microsoft Entra ID have benefited my organization by allowing us complete control over what apps have access to what in Office 365 and for how long due to the Azure App Registration tools and process that Microsoft Entra ID offers us.

Microsoft Entra ID can be improved through better lifecycle management of the Azure App Registrations. If a token or a certificate is going to expire, it would be helpful to notify the app owner or the representative in our organization, saying that their certificate is getting ready to expire in two weeks, asking if this is still in use and if they still need this, and providing information on how to renew it if needed. Additional tools for governance and lifecycle management would be beneficial.To make it a ten, some of the governance and lifecycle management for app registrations that I mentioned would be beneficial. It would alleviate some of the time burden from my team to be able to automate the management of some of those aspects. Other than that, it is pretty solid.

I have been using Microsoft Entra ID for about ten years.

I assess the stability and reliability of Microsoft Entra ID as great.I have experienced some downtime, crashes, or performance issues, primarily the typical Office 365-wide outages that happen from time to time, but nothing beyond that.One of the outages I experienced was about a month ago where there were DNS issues with Microsoft, and all of Office 365 was inaccessible, along with the Microsoft Entra ID admin center.

Microsoft Entra ID scales well with the growing needs of my organization. As the organization has been growing with Azure App Registrations that I have been mentioning, we get more and more of those, and the tools are just there for us to use.We have expanded the usage of Microsoft Entra ID gradually over time as our organization has been getting bigger and there are more and more third-party apps that get brought on board, and it has been smooth.

I would rate customer service and technical support an eight on a scale from one to ten.I give an eight rating because for the most part, whenever we open up a ticket or need technical support, we get a good resource to help us quickly. However, every once in a while, you might get a resource that is not as well-versed in exactly what you are looking for help with. For my team, if we are opening up a ticket, we have already done a lot of basic troubleshooting.Overall, I would evaluate customer service and technical support as pretty good.

Positive

I have seen a return on investment with Microsoft Entra ID, as it makes my team, the engineering team for Office 365, have a much easier time in terms of managing third-party integrations and other apps that connect into Office 365.

I cannot speak to the setup cost of Microsoft Entra ID because it was before my time here. Licensing has been pretty pain-free. All of our users get the base E3 license, so the workload on that is pretty easy.

To other organizations considering Microsoft Entra ID, I definitely advise you to implement it, as it is crucial for my team and what we do in controlling access to certain resources in our tenant. I cannot imagine doing our job without it. I would rate this product a nine out of ten.

Hybrid Cloud

Other

My main use case for Microsoft Entra ID is for access control. I'm not entirely sure what I like the most about Microsoft Entra ID, but perhaps it's that everything is included in the same app compared to before. Mainly, we have SharePoint set up, so we use it to manage users' access, which is the main purpose.

SharePoint site access has mainly benefited my organization, and that's how we have Microsoft Entra ID set up. Because of the hybrid environment we have with Active Directory, that's why we have it configured for our users' access to folders and sites.

Microsoft Entra ID did help with our approach to phishing resistance, and we appreciate the Office 365 MFA protections. Since we have this hybrid environment set up, we find it more secure when accessing any Office 365 products such as Outlook, SharePoint, and OneDrive.

I think something can be improved, but it's working.

I have been using Microsoft Entra ID for about ten years.

I assess the stability and reliability as generally good, as we do have occasional downtime for SharePoint, but usually the service is restored within an hour or less, which is good. There is nothing major with downtime, and we are satisfied.

Microsoft Entra ID works well for scalability in my organization, as we have grown from 150 employees to 700 employees. There are some changes in licensing, with Microsoft offering cheaper licenses for employees under 300, and when you exceed that number, you move into another level and another layer of the licensing scheme. The transition is quite easy, and it gives you the flexibility to mix and match the licenses you want.

I recently used customer support, but it was not for our production environment; it was for our test environment. I contacted support and I am waiting for a phone call. We have experience contacting support, and they are good.

I have not personally contacted support a lot, but some of my team members contact them regularly, and they receive very good feedback from them. According to the comments I received, I would rate customer support around a seven or eight.

Positive

I did not consider another solution before; we are Microsoft customers, and it has been that way since day one.

The deployment of Microsoft Entra ID is easy once it's migrated to the cloud. The implementation of Microsoft Entra ID is required for SharePoint sites to provide user access, and that is one of the requirements, so that's why we had it set up.

I have seen a return on investment, as it's a great investment because our production environment has now migrated to the cloud, and we use SharePoint extensively. Microsoft Entra ID is what we use for access control, and it's a great investment.

I do not believe we pay anything extra for Microsoft Entra ID; it's a good deal. We have Office 365 licenses, and Microsoft Entra ID is included.

We have not just relied on Microsoft Entra ID for the security setup, as we do have other third-party software integrated with our system for protections and data protections.

Nothing right now has influenced my Zero Trust model with Microsoft Entra ID integration capability. My organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID, as I have other security solutions in place, so we do not use Microsoft Entra ID for protections.

I am satisfied. I would rate this product an eight overall.

Hybrid Cloud

Microsoft Azure

We implement standardized conditional access policies for our customers using Microsoft Entra ID, mainly for security, governance, and conditional access. We also sync on-premises Active Directory accounts to Microsoft Entra ID to manage groups and Azure resources like Azure Virtual Desktop.

We started our journey with Entra from a security standpoint, using features like PIM and Microsoft Defender for Cloud. It has improved our security posture, especially in healthcare, where security is paramount. We have to ensure that our data is secure for HIPAA compliance. 

It improves our user account management and initial access. We can see a lot of stuff using Microsoft Lighthouse because we're an MSP, so we use Lighthouse to gain visibility into the tenants and accounts. We can dive into the financial side and get reports. It's highly granular and easier from an organizing standpoint.

We use the Microsoft security stack, including Defender, Purview, etc., so we get a security score and recommendations on ways to fill in the gaps. We get some ideas on how to tweak the Entra tenant or the environment better. But we're following Microsoft's guidelines with reporting or recommendations.

We implemented FIDO 2.08 for phishing resistance, so we use security keys like the UBP. We're passwordless now. It depends on our customers' licensing, such as whether they have an E1 or E3 or whichever Microsoft 365 license they have. We're moving them to a passwordless architecture or, at minimum, improving phishing resistance with an MFA authenticator. 

We primarily use Entra to monitor risky users or detect questionable sign-ons. We get alerts if a user logs in outside a trusted location or from a different IP address we don't recognize. We have recommendations or conditional access policies to detect or block risky sign-ons. 

We had more risky log-ins detected than normal, so we updated our conditional access policies to say that if we see more risky log-ins in the next 24 hours, we'll lock it down in the next 12 hours to fine-tune the conditional access policies and that kind of stuff. We're trying to standardize or make everything the same, depending on pricing or cost. We're trying to move everybody to the standard baseline for just what we try to deploy for the next of this year. 

It's had a tremendous impact on our security. We can set granular permissions and different levels of access for various teams. We can govern the Entra side of the house or the Azure public cloud side and other teams like marketing, HR, finance, or any of those groups as needed. 

Entra helps us advance our zero-trust strategy. We have to follow CIS standards and HIPAA because we're in healthcare and PCI DSS. We're implementing Microsoft's best practices for their security framework. It makes a big difference when we're deploying new infrastructure for new clients and everything.

Microsoft Entra ID provides granular role assignments for Azure permissions or Azure AD roles. Using a privileged identity manager allows us to give specific access to certain groups of employees for a limited time. Entra's ability to integrate Azure Virtual Machines and security benefits has been exceptional, especially for managing infrastructure and applications.

I'm satisfied with the features provided by Microsoft. They are continually improving their offerings, and I don't have any downsides or issues with Microsoft Entra ID. We're integrating a lot of Azure virtual machines and utilizing the Azure side. We love Microsoft licensing, all that stuff. And Yeah. It's just, you know, just using the CSP portal as well has just been a game changer for us too. 

We have been using Microsoft Entra ID for about three years as a Microsoft CSP partner.

The stability of Microsoft Entra ID is very great. It's a high availability solution, and we haven't had any major issues. Even in cases of global outages, Microsoft provides transparency through their health portal.

The scalability of Microsoft Entra ID is excellent. We have no problems scaling virtual machines, and we can tailor solutions based on customer needs and budget, ensuring proper SLA and redundancy.

Whenever we have needed Microsoft support, they have provided fast response times and have been very helpful. Although we've occasionally needed to be transferred between departments, overall, their support service is reliable.

Positive

Before Microsoft, we used various on-premises solutions with Active Directory domains. The shift to Microsoft Entra ID was driven mainly by the convenience and cost benefits of consolidating under a single vendor, a single pane and glass setup.

The initial setup was done through Ingram Micro, and it was smooth. They helped set up our accounts and provided the necessary training for managing CSP.

The implementation was done with the help of Ingram Micro, a third-party vendor. They provided excellent guidance throughout the CSP integration process and conducted seminars for further training.

Our ROI has been strong since becoming a CSP partner. We've seen tremendous growth and attracted many new customers using Microsoft products. We leverage existing licensing, like Windows Server or SQL, and hybrid benefits, and our sales and marketing teams benefit from co-selling and partnership advantages.

Our sales and marketing teams handle licensing, co-selling, and marketplace activities, which makes it easier to centralize and manage our Azure or multi-cloud costs effectively.

Before implementing Microsoft Entra ID, our sales team evaluated other vendors offering similar solutions. However, the benefits of Microsoft licensing and CSP partnership made it an obvious choice.

I rate Microsoft Entra ID a nine out of 10.

Hybrid Cloud

Microsoft Azure

Microsoft Entra ID is used for hybrid synced users to Azure and for external users with guest accounts created in the directory. Security groups and all related functionality are utilized for user management.

Logging activities, including sign-in logs, password lockout, and security monitoring for compromised accounts, are valuable components of the implementation.

To prevent intrusions, as a government entity, Microsoft Entra ID is used to determine if someone is attempting to brute force an account and to understand the origin of the access attempt and whether it represents an actual threat.

Logging, sign-in logs, password lockout, and security features for compromised accounts are the most valuable aspects of Microsoft Entra ID.

To prevent intrusions, the ability to determine if someone is attempting to brute force an account and to understand where the access attempt is originating from and whether it represents an actual threat is critical.

Microsoft Entra ID has had a very positive impact because access can be controlled both internally and externally to the environment and applications used by the organization. Many app registrations function through Microsoft Entra ID to allow internal and external users to access applications.

There has been a return on investment in Microsoft Entra ID because of the security capabilities that enable both internal and external access management.

Microsoft Entra ID could benefit from improved structure and organization. Currently, internal and external users are grouped together, and filters must be applied to differentiate between them. Having separate areas for internal and external users would be beneficial since they should be treated differently.

Growth opportunities exist in separating certain elements for improved viewability.

Microsoft Entra ID has been in use for approximately eight years.

The primary issue experienced with Microsoft Entra ID is Azure sync performance. Over the past year, syncs have occasionally taken longer than expected to complete between on-premises and cloud environments. While syncs should typically complete within 30 to 60 minutes, there have been instances where syncing has taken hours. These issues have been reported to Microsoft, and while they address the problems, they do not typically share details about the fixes applied.

Microsoft Entra ID has been expanded through the creation of security groups specifically in the cloud rather than on-premises. The organization is moving forward with all groups being created in Azure and Microsoft Entra ID. User accounts will continue to be created on-premises, but security groups and dynamic groups will all be created in Azure and Microsoft Entra ID.

Support for Microsoft Entra ID is evaluated as generally good, with few problems encountered. On a global scale, however, support has not been consistently reliable.

Positive

There has been a return on investment in Microsoft Entra ID because of the security capabilities that enable both internal and external access management.

The primary benefit observed from Microsoft Entra ID is the ability to identify and respond to suspicious account activity. Most frequently, locked accounts have been investigated and flagged accounts have been flagged for suspicion or high risk, particularly guest accounts invited to the tenant. This allows the organization to communicate with affected users and recommend actions such as password resets. This capability is especially valuable because the organization regularly interacts with the public.

Zero-trust model implementation has not been influenced by Microsoft Entra ID, as this reviewer was not involved in that initiative.

The organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID.

No competitive solutions have been evaluated or considered, as the organization is satisfied with Microsoft Entra ID. This review is rated as an 8 out of 10.

Hybrid Cloud

Microsoft Azure

Microsoft Entra ID serves as the main use case for everything, supporting M365 and all related services, with Entra ID being a key component for everything.

The features for users, groups, and management are what I appreciate most about Microsoft Entra ID.

Single sign-on (SSO) is an example of how the features of Microsoft Entra ID have benefited my organization. We use Entra to access our laptops and applications, and single sign-on helps ensure business resiliency so that if our domains are compromised, we can still access Microsoft M365 and other services.

Microsoft Entra ID's integration capabilities influence our zero trust model significantly, as we use a lot of conditional access through Entra to support that part.

Since implementing Microsoft Entra ID, I have observed that it would be beneficial to have more analytics and everything integrated there, as opposed to how we normally do searches. Co-pilot might play a big role in getting more data much quicker from Entra.

I think more analytics would be beneficial in the next release to improve Microsoft Entra ID.

I want Microsoft to improve dynamic group creation and the logic behind them. Another area needing improvement is dynamic groups, where you cannot utilize many of the custom attributes in the dynamic groups, which are very limited.

I have been using Microsoft Entra ID for ten to fifteen years.

I would assess the stability and reliability of Microsoft Entra ID as acceptable; we have issues sometimes, but overall, it is satisfactory.

I have experienced downtime, crashes, or performance issues on occasion.

Microsoft Entra ID scales well with the growing needs of the organization, and I find it good overall.

I have expanded usage of Microsoft Entra ID.

The process of expanding usage was quite smooth.

I would rate my customer service and technical support as six out of ten, noting that level two support is really poor while everything else above that is good.

Neutral

Prior to adopting Microsoft Entra ID, I was using an on-premises Active Directory solution to address similar needs.

I would describe my experience with deploying Microsoft Entra ID as good overall.

The process worked well, and I faced no significant challenges. However, we had some initial mapping issues when trying to perform synchronization services from on-premises AD to local AD to Entra, and there is still a limitation on the number of mappings you could do from there.

My experience with the deployment was good, though initially, the biggest challenge was mapping the fields from on-premises to cloud and making sure you have all those requirements for the application. Once we got the initial part done, it is quite good.

I have seen a return on investment with Microsoft Entra ID.

My experience with the pricing, setup costs, and licensing of Microsoft Entra ID is that it is part of our base, and there is no additional cost.

Before selecting Microsoft Entra ID, I did not consider any other solutions as we are in the Microsoft Azure ecosystem and do not have any other choice.

My organization's approach to defending against token theft of nation-state attacks has not changed since implementing Microsoft Entra ID.

The implementation of device-bound passkeys in Microsoft Authenticator has affected my organization's approach to phishing resistance in that we do not use that directly. We use a third-party system to do that, which is primarily Okta. However, I have tested FastPass and enabled it for mine, so it is definitely helping with security and ensuring that all authentication is secure, though we do have a pilot and do not use it for the majority.

The factors that led me to consider a change to Microsoft Entra ID included scalability, cost, and being cloud-native.

I can share metrics or data points that demonstrate the impact of our integrations.

I can share data points or examples, as it is the AD. Without that, nothing will work. Without Entra, it is the key one for that, meaning it is the base fundamental thing you need in order to do anything.

My advice to another organization considering using Microsoft Entra ID is to look at the initial implementation, which will take time, so ensure you plan regarding what you need. For us, that was mapping, how authentication would change, what applications you are migrating to the cloud, and how you are going to map those things. Good planning before implementing would be beneficial. I rate this review seven out of ten.

Hybrid Cloud

Amazon Web Services (AWS)

Our main use cases with Microsoft Entra ID involve extending our on-premises Azure into the cloud, starting with messaging in M365 and syncing the IDs up, but we also do a significant amount of work with enterprise apps, app registrations, and different types of identity within Azure.

Within Microsoft Entra ID, I appreciate being able to perform the SAML configurations for enterprise apps and app registrations, SSO, which is something that we are using heavily with Conditional Access for the MIDFS.

The implementation of Microsoft Entra ID has had a huge impact on our secure access to the apps or resources in our environment, as we can use Conditional Access to apply MFA going into apps, which definitely helped with our compliance.

The integration capabilities of Microsoft Entra ID have influenced our zero-trust posture quite a bit, as we actually use the zero-trust worksheets that Microsoft put out, we are doing PIM, and applying PIM on various items, along with Conditional Access policies, so I would say we are using it quite a bit for that.

I do not have anything to share at the moment on how Microsoft Entra ID can be improved or what additional features should be added in the next release.

I have been using Microsoft Entra ID heavily for six months.

I assess the stability and reliability of Microsoft Entra ID as pretty solid, aside from that Front Door issue recently, since everybody makes mistakes.

Other than that Front Door issue, I have not experienced any other downtime, crashes, or performance issues. There was about a month ago when you could not get into the portal, but aside from that, the users kept working, we just could not access it.

Microsoft Entra ID scales with the growing needs of my organization, and I experience no issues there.

We have expanded usage, as we are continually growing and merging tenants with a parent company that acquired us.

On a scale from one being the worst and ten being the best, I would rate my customer service and technical support as a five.

I give it a five because it depends on who you get; some people are awesome, and some people, I can find answers through Google before I get a response from them, so it just all depends on the engineer. Once you get past the first engineer, you normally get some pretty good help.

In evaluating the customer service and technical support, I think that everybody is always nice, and I can tell they all try, but you just do not seem to get a high-level expert on the first contact, and it sometimes takes too long to escalate quickly when needed, which is my best recommendation.

Neutral

Prior to adopting Microsoft Entra ID, I was using another solution, which was just on-premises AD.

The process of merging tenants has been somewhat smooth; we are still going through it, but we pretty much did a net new on their side, Greenfield, so the user accounts are all new, and we did not actually migrate them, but we are adding around 15,000 users to the tenant, so it seems to just be doing its job, syncing, and creating the accounts.

My experience with deploying Microsoft Entra ID is that we have had it for so long that I actually did not deploy it at this company; it was already deployed, and I had to fix a lot of things, but Entra Connect, it all just kind of works, and I have no major complaints that I can think of.

My experience with the deployment has been good, as there were no issues that I could think of, and I have done several upgrades to it, and it all just kind of works.

I do not know the cost, so I cannot say for sure if I have seen a return on investment.

Regarding my experience with the pricing, setup costs, and licensing of Microsoft Entra ID, I do not manage licensing, so I cannot speak to that. It is expensive, but thankfully, I do not manage the licensing.

Before selecting Microsoft Entra ID, we considered other solutions and determined that we are a Microsoft shop, so we pretty much needed it for Teams and email and everything else.

Since implementing Microsoft Entra ID, I do not have any metrics on the frequency or the nature of the identity-related security incidents in my organization that I can share.

Our organization's approach to defending against token theft and nation-state attacks has not changed as a result of Microsoft Entra ID, as it is constantly changing because we are always trying to improve.

The implementation of the device-bound passkeys in Microsoft Authenticator is something we are working on switching to, so I cannot say for sure; we are using some other MFA.

The advice I would give to another organization considering Microsoft Entra ID is that I do not really have any; it just kind of works, and I think it is a good solution that works well despite not having all the features of some other options. I give this solution an overall rating of nine.

Hybrid Cloud

Other

My job is to manage APIs on the enterprise end. We use Entra ID to limit contact with the end of the portal as much as possible. We have a lot of permissions that we don't want people to have, or we provide them with managed access. We also use Entra to manage application access. It tends to be blanket permissions, allowing an application total access.

Microsoft Entra ID drives our login and security perimeter, which is crucial for our organization. It has helped us implement multifactor authentication for most of our users despite the legacy systems in place. 

It is essential for supporting our aspiration towards a zero-trust model. It's driving our ambition to get serious about zero trust. We still have a lot of legacy systems that require support. 

Entra handles all the anti-phishing capabilities, and it's also helped us implement passwordless sign-in functionality. Now that we have MFA requirements and stuff like that, we're seeing identities flagged as risky because people are traveling. Sometimes people misuse credentials. It may not be malignant, but a group of people might share credentials. 

Delegated permissions and federated credentials are valuable features of Entra ID. We aim for a more secure environment by pushing for minimal use of static secrets. By utilizing delegated permissions, workflows can manage access, and federated credentials allow integration with platforms like GitHub and AWS. Entra ID drives our login and security perimeter, helping with multifactor authentication, despite the legacy systems.

Entra ID needs to improve its application credentials and use of ID permissions. There are challenges with the management layer. We want to create access down to the Graph level while invoking some management logic. That also means that if an application comes in, we cannot send that to the Graph because we would need an ID on behalf of the cloud hook. 

We have to switch contexts and do a lot of custom security checking. Does this application have permission to change these objects? If it does, then we can use our CNC powered by NMC. It botches our entire audit log so we can return to our service log and correct it rather than have it all in the old cloud. That's annoying. 

We also hit a problem with the federated credentials. Every hour, it exchanges a set of credentials from another IDP. For example, if I have a token from GitHub, I can exchange that for an application identity in NFT, which is awesome when you're doing GitHub workflows. However, because we have more than one tenant, we might need to access resources from one tenant to another. 

We do managed identities and federate to get a token and then assume an identity in the other tenant with that token. But for some reason, Microsoft has excluded all of their own IDP endpoints. Everything else is good to go, but if you come with a Microsoft token, you cannot use it. 

I have been using Microsoft Entra ID for the last two to three years.

I've had no issues with Entra ID. The portal could be slow now and then, but we don't have problems with the platform itself.

We have not observed any major scalability issues. However, when dealing with tens of thousands of objects, it requires proper management and best practices to retrieve only necessary data.

We rarely use customer service because we act as tech support. The few cases we have raised received decent support. 

Positive

We previously used Active Directory. While we haven't fully transitioned, we still source users from Active Directory but draw identities into Microsoft EntraID.

The decision to switch was made before I joined the team, so I'm not in a position to discuss ROI specifically. However, Microsoft EntraID is an integral part of our operations.

We face pricing challenges with newer licenses, as newer features often require them. This results in additional expenses for accessing new functionalities.

I rate Microsoft Entra ID seven out of 10. While it's an excellent standard for user sign-in, its open application model and security limitations lower my rating.