User and group-based application access management

For authorization, Azure Active Directory delivers many methods. As we already discussed in Chapter 2Planing and Designing Cloud Identities groups are a preferred way of providing users with the correct permissions and access to their applications. It's good practice that users work with the Access Control Panel UI and access their applications, change the password, and add verification options. With this option, you can also allow the user to build his own preferred workplace. For example he can add his own applications and leave the passwords secure in Azure Active Directory, benefitting from SSO.

Generally, Azure Active Directory provides three main concepts for authorization:

  • Direct: The ...

Get Mastering Identity and Access Management with Microsoft Azure now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.