Authentication vs Authorization
Learn about authentication and authorization in this lesson.
What is authentication in Azure?
Authentication in Azure refers to verifying the identity of users, services, or applications attempting to access resources or services within the Azure cloud environment. It ensures that access to specific resources is granted only to entities whose identity has been verified from the credentials or identity tokens they provide.
Critical aspects of authentication in Azure include:
Entra ID authentication: Microsoft Entra ID (formerly Azure Active Directory, or Azure AD) is Microsoft's cloud-based identity and access management service. It provides centralized authentication and single sign-on capabilities for Azure resources and applications. Entra ID supports various authentication methods, including username and password, multi-factor authentication (MFA), and integration with third-party identity providers.
Managed service identity (MSI): MSI is an Azure feature that provides an automatically managed identity for Azure resources such as virtual machines and Azure Functions. These identities can authenticate with Azure services without exposing sensitive credentials.
OAuth and OpenID Connect: OAuth and OpenID Connect are widely used identity and access management protocols. They allow applications and services to delegate user authentication to identity providers (like Entra ID) and obtain tokens to access protected resources.
Service principals: Service principals are non-human identities used by applications, services, and automation tools to authenticate and interact with Azure resources. They can be assigned permissions to access specific resources or services.
Certificate-based authentication: Azure supports authentication using X.509 ...