Azure
No More Mess in my Head Around Phrases Related to Identity in Computing
What is Identity? Azure Active Directory is just Active Directory in Azure? Microsoft Graph is a Data Visualization Framework or What?
Identity
What is Identity in Cloud
Identity is a unique identification of an object. Such an object can be a human being, a machine, or a combination of both. In the cloud computing context, identity means a set of properties about this object stored in the cloud's datacentre.
Identity & Access Management
Identity Management (IdM) and Identity and Access Management (IAM) are interchangeable terms. So if you are reading about one, you are probably reading about the other too.
IAM is a framework of policies that define what users can do in a restricted area and what the system needs from the user to operate properly. Such systems identify, authenticate, and authorize individuals or hardware applications to use restricted resources.
IAM exists in the world without the internet too, and it appears in different forms. For example, the “Staff Only” label on doors in markets, an ID card pinned to an employee's suit, or the doorman as a profession in itself. Even your dog protecting the yard is a form of access management for your property.
Every IAM operates in its defined context. The context of IAM specifies the number of properties it needs from the Identity. For example, every patient has a folder with properties about his identity at the doctor's office.
Identity Platform
An Identity Platform is an IAM service provided by third parties such as Microsoft or Amazon (Amazon Cognito).
Using External vs. Internal Identity Platform
An external identity platform (IP) helps you build applications that do not need their own identity management service, such as Identity Server. Authorization and authentication can be handled externally, and the only thing you need to do is integrate your system with the external platform, such as the Microsoft Identity Platform (MIP).
Integration with an external identity platform does not make sense if you are not using third-party software and most of your company's applications were built in-house. On the other hand, if the whole company is using Windows and Office 365, it does make sense to integrate your system with the Microsoft Identity Platform.
Microsoft Identity Platform
The Microsoft identity platform helps you build applications your users and customers can sign in to using their Microsoft identities or social accounts, and provide authorized access to your own APIs or Microsoft APIs like Microsoft Graph. — docs.microsoft.com
Components of the Microsoft Identity Platform?
- OAuth 2.0 and OpenID Connect standard-compliant authentication service. — Enables secure authentication of work or school accounts.
- Microsoft Authentication Libraries or MSAL. — Microsoft MVP and my friend Daniel Krzyczkowski has a great GitHub repo with guidelines for using MSAL.
- Application management portal. — Registration and configuration of applications in the Azure portal. Management is also possible through PowerShell or configuration API.
Microsoft Graph
Microsoft Graph is the gateway to data and intelligence. It provides a unified programmability model that you can use to access the tremendous amount of data in Microsoft 365, Windows 10, and Enterprise Mobility + Security. — docs.microsoft.com
When you sign in or sign up with your Microsoft account and trace the communication, you will mostly find that the browser is talking a lot to https://graph.microsoft.com, which is the single endpoint of the Microsoft Graph API.
Once you integrate your application with the Microsoft Identity Platform, you will communicate through this API. You can do it directly or with MSAL, which encapsulates the HTTP communication with the API.
Active Directory vs. Azure Active Directory
Active Directory
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. — Wikipedia
Physically, it is nothing more than an on-premise private server. Active Directory, or Active Directory Domain Services, is a database of your company’s users and computers. It provides authentication and authorization for applications and users. It uses dinosaur protocols like Kerberos and NTLM.
Azure Active Directory
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. — docs.microsoft.com
Azure Active Directory (Azure AD) takes AD approaches, expands them, and brings them to the next level, the cloud level. Azure AD provides organizations with an Identity as a Service (IDaaS) solution for applications across Azure and on-premise servers too.
Azure Active Directory vs. Microsoft Graph
Azure Active Directory is a security token server that is analogous to a directory in the cloud. When organizations want to move their on-premise directories to the cloud and make their applications securely accessible anywhere from the internet, they can take advantage of Azure AD.
Azure AD has two versions: the V1 endpoint and the V2 endpoint. The Microsoft Identity Platform is made up of the V2 endpoint, documentation, and application registration tools like App Registrations in the Azure portal. The Microsoft Identity Platform contains part of the Azure Active Directory.
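The V1/V2 split is visible in the tokens each endpoint issues, which matters when an API decides which issuer to trust. The following is an added example, not code from the original article: it reads a token's `ver` and `iss` claims and reports which endpoint issued it. The issuer formats and `ver` values come from Microsoft's token documentation rather than this page, the function names and the all-zero tenant ID are hypothetical, and the sample tokens are constructed and unsigned, so signature verification is out of scope here.

```python
import base64
import json

# Issuer formats of the two Azure AD endpoints (assumption: taken from
# Microsoft's token reference, not from the article).
V1_ISSUER = "https://sts.windows.net/{tenant}/"
V2_ISSUER = "https://login.microsoftonline.com/{tenant}/v2.0"


def b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def read_claims(token: str) -> dict:
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    return json.loads(b64url_decode(parts[1]))


def classify_endpoint(claims: dict, tenant: str) -> str:
    """Return 'v1' or 'v2'; reject tokens whose ver and iss disagree or whose tenant differs."""
    ver, iss = claims.get("ver"), claims.get("iss")
    if ver == "1.0" and iss == V1_ISSUER.format(tenant=tenant):
        return "v1"
    if ver == "2.0" and iss == V2_ISSUER.format(tenant=tenant):
        return "v2"
    raise ValueError(f"unexpected issuer/version: iss={iss!r} ver={ver!r}")


def make_sample(claims: dict) -> str:
    """Build a constructed, unsigned sample token for this demo."""
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


TENANT = "00000000-0000-0000-0000-000000000000"  # constructed placeholder tenant ID
SAMPLE_V1 = make_sample({"ver": "1.0", "iss": V1_ISSUER.format(tenant=TENANT)})
SAMPLE_V2 = make_sample({"ver": "2.0", "iss": V2_ISSUER.format(tenant=TENANT)})
# Constructed mismatch: claims to be v2 but carries the v1 issuer.
SAMPLE_MIXED = make_sample({"ver": "2.0", "iss": V1_ISSUER.format(tenant=TENANT)})

if __name__ == "__main__":
    for name, tok in [("v1 sample", SAMPLE_V1), ("v2 sample", SAMPLE_V2)]:
        print(name, "->", classify_endpoint(read_claims(tok), TENANT))
```

An API that accepts tokens should pin the one issuer format it expects and verify the signature against the tenant's published keys before trusting any claim.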
Sources
- Identity management by Wikipedia
- What’s the role of AAD in the MIP
- Microsoft Identity Platform
- Microsoft Graph in Microsoft docs
- Active Directory by Wikipedia
- The blog post about differences between AD & AAD
- Compare Azure AD with ADDS