Microsoft Entra ID vs Microsoft Entra Permissions Management comparison

Microsoft Entra ID vs. Microsoft Entra Permissions Management

March 2025

Download the complete report

Helped 848,253 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Microsoft Entra ID

Ranking in Microsoft Security Suite

2nd

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

224

Ranking in other categories

Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Identity and Access Management as a Service (IDaaS) (IAMaaS) (1st), Access Management (1st)

Microsoft Entra Permissions...

Ranking in Microsoft Security Suite

29th

Average Rating

7.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Cloud Infrastructure Entitlement Management (CIEM) (4th)

Mindshare comparison

As of April 2025, in the Microsoft Security Suite category, the mindshare of Microsoft Entra ID is 9.5%, up from 6.5% compared to the previous year. The mindshare of Microsoft Entra Permissions Management is 0.5%, down from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

Aaron Liang

System engineer at a energy/utilities company with 501-1,000 employees

Has significantly improved secure access to applications and resources in our environment

Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment. The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users. Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.

Read full review

Sameer Bhat

Vice President at Goldman Sachs

Provides resource-based access and security, but time-bound access can be a problem

Entra ID is the core of the identity management that we have. This is the key product that we are using. I am currently also looking into Entra Private Access because we are planning to deploy about 50,000 desktops into Azure and use Azure Virtual Desktop. We would like to give access to the users from the desktop to on-premises applications. I learned that Entra Private Access is a good solution. That is not yet GA, but that is what we are looking for. Entra provides a single pane of glass for managing user access, but because our company also integrates with Nebula API, only administrators use Entra's pane. A normal person who wants to get onboarded can do self-service using Nebula. The features for whitelisting and other things are definitely there. That is what we use specifically. Application IDs, enterprise applications, and all those things are already there, so we have more efficiency. There is also security because we usually do not allow user identities to get direct access to Azure resources. Usually, we use the service principles from Entra ID, so this way, it increases security. Entra has helped to save time for our IT administrators. We tend to automate a lot of things. We can do automation using Graph APIs and save time. It is hard to quantify the time savings, but there has been a medium amount of time savings. Entra has helped to save our organization money. We care about security and risk more than money, but it also saves money. We are premium customers, and because we have a commit-to-consume contract with Microsoft of multi-million dollars, the money does not come into it because we have to consume those resources.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The best feature is the single sign-on provision for the various type of users."

"The most valuable feature is Conditional Access, and we use it extensively."

"The visibility and control for permission management are excellent."

"The main valuable feature is the integration into a single console, which includes authentication service and endpoint security."

"Entra ID's anti-phishing measures have improved our phishing response."

"Single sign-on, license management, and role management are the most valuable features. Integration with Microsoft 365 is also very valuable."

"The security and compliance features are very helpful. The online information on the site is well documented."

"The scalability capabilities are quite high."

More Microsoft Entra ID pros

"The solution integrates well with our infrastructure and other systems without any issues."

"Multifactor authentication is valuable."

Cons

"In a hybrid deployment, when we update a license by changing the UPN or email address of a user, it does not get updated automatically during normal sync. This means that we have to update it manually from Azure, which is something that needs to be corrected."

"I faced difficulties from Micorosft's end and during the transition from Microsoft Active Directory to Microsoft Entra ID. Sometimes, some of Microsoft's documentation could be a little outdated."

"Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well."

"When it comes to Azure, creating certain things or getting different resources isn't very clear. You need a certain level of knowledge of the system. It could be a little bit more friendly so that some of the things can be done easily, but after everything is created, it's easy to use."

"The ability to manage and authenticate against on-premises solutions would be beneficial."

"One thing that they need to improve is the cost."

"The downside of using a single password to access the entire system is that if those credentials are compromised, the hacker will have full access."

"Generally, everything works pretty well, but sometimes, Azure Active Directory has outages on the Microsoft side of things. These outages really have a very big impact on the users, applications, and everything else because they are closely tied to the Azure AD ecosystem. So, whenever there is an outage, it is really difficult because all things start failing. This happens very rarely, but when it happens, there is a big impact."

More Microsoft Entra ID cons

"The solution's pricing and support services need improvement."

"We use a third-party API called Nebula API to integrate the account for authorization. The time-bound access area in Entra can be a problem. It can be improved in terms of the granularity of the permissions."

Pricing and Cost Advice

"We have an agreement with Microsoft, and my company pays yearly."

"It is a really nice tool and we have a license for the more complex model."

"We got a good deal. If you get rid of all the products providing features that Azure Suite can provide, then it makes sense cost-wise."

"I give the cost a three out of ten."

"The pricing depends on the use case and can be negotiated based on volume."

"Its price is per user. It is also based on the type of user that you're synchronizing up there."

"We are a non-profit organization, so we get good prices from Microsoft for their products. It is working well, but it could be cheaper. For the type of organization we are, it would be good if they could give a little bit more and be more generous like Google, which has completely free services. Microsoft has free versions or web services called Office 365 E1, which is free for use, but we want to have it with more qualified clients."

"The P1 version costs $6 per user per month."

More Microsoft Entra ID pricing and cost advice

"We are a Fortune 500 company, so we always negotiate with Microsoft."

"The product cost is in the mid to high range."

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

848,253 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

32%

Computer Software Company

10%

Financial Services Firm

Manufacturing Company

Financial Services Firm

14%

Computer Software Company

14%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

How does Duo Security compare with Microsoft Authenticator?

We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...

What do you like most about Azure Active Directory?

It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.

What is your experience regarding pricing and costs for Azure Active Directory?

Microsoft Entra ID is reportedly quite expensive for each user regarding security features. The renewal cost is particularly high according to the teams managing purchases.

What do you like most about Microsoft Entra Permissions Management?

Multifactor authentication is valuable.

What is your experience regarding pricing and costs for Microsoft Entra Permissions Management?

The product cost is in the mid to high range. You need to have a good budget to implement it, so it is considered fairly expensive for our market. I rate the pricing a seven out of ten.

What needs improvement with Microsoft Entra Permissions Management?

The solution's pricing and support services need improvement.

Microsoft Intune vs Microsoft Entra ID

Comparisons

Compared 11% of the time

Google Cloud Identity vs Microsoft Entra ID

Compared 10% of the time

Okta Workforce Identity vs Microsoft Entra ID

Compared 9% of the time

Auth0 vs Microsoft Entra ID

Compared 6% of the time

Amazon Cognito vs Microsoft Entra ID

Compared 5% of the time

More Microsoft Entra ID Competitors

SailPoint Identity Security Cloud vs Microsoft Entra Permissions Management

Compared 34% of the time

Saviynt vs Microsoft Entra Permissions Management

Compared 34% of the time

Microsoft Defender for Cloud vs Microsoft Entra Permissions Management

Compared 17% of the time

More Microsoft Entra Permissions Management Competitors

Product Reports

Download Microsoft Entra ID product report

Microsoft Entra ID

March 2025

Cloud Infrastructure Entitlement Management (CIEM)

April 2025

Microsoft Entra Permissions Management report

Download Microsoft Entra Permissions Management product report

Also Known As

Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator

CloudKnox Permissions Management

Interactive Demo

Demo not available

Overview

Microsoft Entra ID is used for extending on-premises Active Directory to the cloud, managing application access, enabling multi-factor authentication, and single sign-on. It facilitates policy enforcement and secure access, ensuring centralized identity management across cloud and on-premises resources.

Organizations utilize Microsoft Entra ID for robust user and group management, identity synchronization, and conditional access. Its seamless integration with third-party apps, scalability, and support for remote work make it a preferred choice. The admin center streamlines identity and access tasks, enhancing efficiency and security with features like privileged identity management and audit logs.

What are the key features of Microsoft Entra ID?

Single Sign-On: Simplifies user access to multiple applications with one login.
Multifactor Authentication: Enhances security by requiring additional verification.
Conditional Access: Establishes policies that determine how users' access cloud apps.
Integration: Easily integrates with various third-party applications.
User Identity Protection: Safeguards user identities from threats.
Privileged Identity Management: Manages elevated access to sensitive resources.
Audit Logs: Provides thorough activity logs for oversight and compliance.

What benefits should users look for in Microsoft Entra ID reviews?

Enhanced Security: Offers strong multifactor authentication and identity protection.
Administrative Efficiency: Simplifies identity and access management tasks.
Scalability: Supports growing user bases and remote work environments.
Integration Capabilities: Compatible with numerous third-party applications.
User-Friendly Interface: Makes managing user identities straightforward.

Microsoft Entra ID implementation varies across industries. Tech firms leverage it for secure, scalable access management, while healthcare organizations utilize its identity protection features to safeguard patient data. Educational institutions adopt Entra ID for streamlined user management and policy enforcement, ensuring secure access for students and staff across on-premises and cloud resources.

Microsoft Entra Permissions Management is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all identities – users and workloads – actions, and resources across cloud infrastructures. It detects, right-sizes, and monitors unused and excessive permissions and enables Zero Trust security through least privilege access in Microsoft Azure, AWS, and GCP.

Sample Customers

Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.

Information Not Available