Summary and resources

In this module, you learned about the foundational identity concepts that underpin Microsoft security, compliance, and identity solutions.

You learned how authentication proves who you are—through credentials, multifactor authentication, and passwordless methods—while authorization determines what you're allowed to do. You explored why identity is the new security perimeter and how organizations manage it through four pillars: administration, authentication, authorization, and auditing.

You learned how identity providers centralize authentication, issue security tokens, and enable single sign-on. You explored directory services—from on-premises Active Directory Domain Services to Microsoft Entra ID as its cloud-native evolution. Finally, you learned how federation uses trust relationships so users can access resources across organizational boundaries using the identities they already have.

Now that you've completed this module, you should be able to:

• Define authentication and authorization and explain how they work together to control access.
• Describe identity as the primary security perimeter and explain the four pillars of an identity infrastructure.
• Describe the role of an identity provider and how modern authentication uses tokens and single sign-on.
• Describe directory services, Active Directory Domain Services, and Microsoft Entra ID as its cloud evolution.
• Describe the concept of federation and how trust relationships enable cross-organizational access.

Learn more

The following resources provide additional information on the topics covered in this module.

• Identity and access management fundamental concepts
• Authentication vs. authorization
• What is Microsoft Entra?
• Compare Active Directory to Microsoft Entra ID
• What is federation with Microsoft Entra ID?