Live Chat
Click to Call
1-866-716-2040Microsoft Entra ID – Free vs P1 vs P2 vs Governance
Microsoft Entra ID formerly known as Azure Active Directory is a cloud-based identity and access management service provided by Microsoft. It is designed to manage user identities and access to various cloud and on-premises applications and resources. Azure AD provides features such as single sign-on (SSO), multi-factor authentication (MFA), user provisioning, and role-based access control (RBAC). As a Tier 1 CSP for Azure, Apps4Rent offers Microsoft Entra ID P1, P2, and Governance plans for Office 365 and Azure subscribers.
Here’s the table of feature comparison of Microsoft Entra ID plans including Free version vs P1 vs P2 vs Governance:
| Features | Microsoft Entra ID Free (Formerly Azure AD Free) | Microsoft Entra ID P1 (Formerly Azure AD P1) | Microsoft Entra ID P2 (Formerly Azure AD P2) | Microsoft Entra ID Governance |
Free | $6/month Based on Annual Commitment  | $9/month Based on Annual Commitment  | $7/month Based on Annual Commitment  | |
| Seamless access management: Authentication, application access and single sign-on | ||||
| Cloud authentication (Pass-through authentication, password hash synchronization) |  |  |  |  |
| Federated authentication (Active Directory Federation Services or federation with other identity providers) |  |  |  |  |
| Unlimited single sign-on (SSO) capabilities |  |  |  |  |
| Software as a service (SaaS) apps with modern authentication (Microsoft Entra ID application gallery apps, OAUTH 2.0 and SAML) |  |  |  |  |
| Group assignment to applications |  |  |  |  |
| Personalizable user sign-in page |  |  |  |  |
| Cloud app discovery through Microsoft Defender for Cloud Apps |  |  |  |  |
| Application proxy for on-premises, header-based, and integrated Windows authentication |  |  |  |  |
| Secure hybrid access partnerships (Kerberos, NTLM, LDAP, RDP, and SSH authentication) |  |  |  |  |
| Service level agreement (SLA) |  |  |  |  |
| Hybrid identity and administration | ||||
| Managing groups and users |  |  |  |  |
| Active Directory identity synchronization with Microsoft Entra ID using Cloud Sync or Connect Sync Options |  |  |  |  |
| Analytics and cloud monitoring for on-premises servers using Connect Health |  |  |  |  |
| Microsoft identity manager user client access license (CAL) |  |  |  |  |
| Delegated administration-built-in roles |  |  |  |  |
| Cross-tenant user synchronization |  |  |  |  |
| Advanced group management ( naming policies, expiration, dynamic groups, default classification) |  |  |  |  |
| Role-based access control (RBAC) |  |  |  |  |
| End user self service capabilities | ||||
| My Account: a self-service account management portal |  |  |  |  |
| My Apps: user application collections |  |  |  |  |
| Self-service password change/unlock/reset with on-premises write-back |  |  |  |  |
| Self-service sign-in activity search and reporting |  |  |  |  |
| Self-service password change for cloud users |  |  |  |  |
| My Groups: self-service group management |  |  |  |  |
| My Apps: An application launch portal |  |  |  |  |
| My Access: self-service entitlement management |  |  |  |  |
| Multifactor authentication and conditional access | ||||
| Multifactor authentication (MFA) |  |  |  |  |
| Conditional access |  |  |  |  |
| Session lifetime management |  |  |  |  |
| Passwordless Authentication: utilizing Windows Hello for Business, Microsoft Authenticator, FIDO2, and security key integrations |  |  |  |  |
| Continuous access evaluation |  |  |  |  |
| Global password protection and management (custom banned passwords, users synchronized from on-premises Active Directory) |  |  |  |  |
| SharePoint limited access |  |  |  |  |
| Global password protection and management for cloud users |  |  |  |  |
| Custom security attributes |  |  |  |  |
| Identity protection | ||||
| Device and application filters for Conditional Access |  |  |  |  |
| Token protection |  |  |  |  |
| Risk-based Conditional Access (sign-in risk, user risk) |  |  |  |  |
| Investigation of risk events and security information and event management (SIEM) connectivity |  |  |  |  |
| Risky accounts and vulnerabilities |  |  |  |  |
| Authentication context (step-up authentication) |  |  |  |  |
| Insightful visibility: Event logging and reporting | ||||
| Usage reports and basic security |  |  |  |  |
| Usage reports and advanced security |  |  |  |  |
| Identity governance: centralized and streamlined identity management | ||||
| Automated user provisioning to SaaS applications |  |  |  |  |
| Automated group provisioning to applications |  |  |  |  |
| Basic access certifications and reviews |  |  |  |  |
| Machine learning assisted access certifications and reviews |  |  |  |  |
| Basic entitlement management |  |  |  |  |
| Automated user provisioning to on-premises apps |  |  |  |  |
| Entitlement management – separation of duties |  |  |  |  |
| Entitlement management with Verified ID |  |  |  |  |
| Terms of use attestation |  |  |  |  |
| Lifecycle workflows |  |  |  |  |
| HR-driven provisioning |  |  |  |  |
| Monitoring identity governance through a dashboard |  |  |  |  |
| Privileged identity management (PIM) |  |  |  |  |
Products breaking new ground in identity
Empower Your Identity with Verified ID – Now Available for Free
Discover the exceptional benefits of Verified ID, an incredible feature that comes bundled with every Microsoft Entra ID subscription, including the free version, without any additional charges.
- Effortlessly tailor and set up verifiable credentials for individuals using either a ready-made template or your own customized rules and design files.
- Seamlessly issue and accept verifiable credentials by configuring Verified ID in your Microsoft Entra administrator portal.
- Ensure the authenticity of a Verified ID credential by obtaining approval from the individual through their digital wallet, guaranteeing secure validation.
- Maintain control over credentials by revoking or suspending active verified status while allowing the invalidated credential to remain in their possession, ensuring a seamless and user-friendly experience.
Microsoft Entra
Verified ID
Enhance Your Data security with Microsoft Entra Permissions Management
Microsoft Entra Permissions Management is a cutting-edge cloud infrastructure entitlement management (CIEM) solution that delivers unparalleled visibility and control over permissions for identities and resources across Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).
- Gain comprehensive and multidimensional visibility into every action performed by any identity on any resource within your cloud infrastructures.
- Mitigate permission risks by assessing the gaps between granted and utilized permissions.
- Leverage the power of machine learning to detect anomalous activities and generate detailed forensic reports for deeper analysis and enhanced incident response.
Ensure Trusted Connectivity with Workload Identities
Workload identities are identities granted to applications or services enabling them to establish trusted connections with other services effortlessly. This ensures that only authorized actions are executed, mitigating the risks associated with unauthorized access or misuse of permissions.
- Create customized security policies for each workload identity using conditional access.
- Take advantage of cloud-based AI to intelligently identify and respond to compromised workload identities.
- Gain visibility into unused workload identities and receive actionable recommendations for strengthening security.
