Microsoft Identity, Authentication & Authorisation Explained
Mar 31, 2023 6:00 PM

Microsoft Identity, Authentication & Authorisation Explained

by HubSite 365 about Andy Malone [MVP]

Microsoft 365 Expert, Author, YouTuber, Speaker & Senior Technology Instructor (MCT)

AdministratorSecurityM365 AdminM365 Hot News

In this deeper session I’ll explain the various mechanisms that Microsoft use to not only identify users, but also authenticate and authorise them

In this deeper session I’ll explain the various mechanisms that Microsoft use to not only identify users, but also authenticate and authorise them in both a Windows domain environment, but also in Microsoft 365 & Azure AD. Authentication ensures that your users are who they say they are. Authorisation ensure that they can only access resources in a controlled manner. So if you want to learn, buckle up and get ready. This is a busy session with lots of demos.


  • 00:00 Introductions
  • 02:03 Identity, Authentication & Authorisation Explained - Presentation
  • 05:26 Demo - Creating an Identity in Microsoft Active Directory Domain Services ADDS
  • 07:19 Authentication Explained
  • 09:29 Creating Identities in the Cloud
  • 11:11 Demo - Creating a cloud identity in Azure AD
  • 14:13 Authentication - Proving who you are!
  • 18:04 Demo - Authentication Methods in the cloud. Authentication methods, Conditional Access, MFA,
  • 23:12 Authorisation - Here is what you can do. User Permissions, RBAC,MAC, ABAC
  • 28:44 Demo - Authorisation Methods. Onedrive permissions, RBAC, Dynamic Groups, ABAC
  • 34:36 Session conclusions and next steps

Identity, authentication, and authorization are three concepts that are critical to information security and access control.

Identity refers to the unique characteristics and attributes that define an individual or entity. It can include information such as a person’s name, address, date of birth, and other personal information. In the digital world, identity can also be represented by a username, email address, or other digital identifier.

Authentication is the process of verifying an individual’s or entity’s identity. This can be done through various means, such as a password, biometric data, or security tokens. The goal of authentication is to ensure that the person or entity attempting to access a system or resource is who they claim to be.

Authorization is the process of granting or denying access to a resource or system based on an individual’s or entity’s identity and the permissions associated with that identity. Authorization is typically based on predefined rules and policies that dictate what actions a user is allowed to take once they have been authenticated.

Together, identity, authentication, and authorization form the foundation of access control in computer systems and networks. By implementing these concepts, organizations can ensure that only authorized individuals or entities can access sensitive information or resources.

Microsoft Identity · ‎Authentication vs. authorization · ‎Authentication flows · ‎Quickstart

Jan 31, 2023 — The Microsoft identity platform helps you build applications ...