Microsoft Entra ID
Researched 2026-06-28. Primary category: identity-access.
One-liner — Microsoft’s cloud identity provider (the former Azure Active Directory): the SSO/MFA/Conditional-Access front door for everyone already living in Microsoft 365 and Azure.
What it does
Entra ID is the directory and identity-provider (IdP) layer that authenticates users and apps, issues tokens, and enforces access policy. Core jobs: single sign-on (SSO) to thousands of SaaS apps, multi-factor authentication (MFA), Conditional Access (risk- and context-based access rules), user/group lifecycle, and identity protection (anomaly detection on sign-ins). For most enterprises it is the de-facto corporate directory because it ships with Microsoft 365.
It was renamed from Azure Active Directory (Azure AD) to Microsoft Entra ID in July 2023 — a rename only, no feature change. “Microsoft Entra” is the broader family: Entra ID (the IdP), Entra ID Governance (IGA), Entra Permissions Management (CIEM), Entra Verified ID, Entra Internet/Private Access (SSE), and newer Entra Agent ID for agent identities.
Where it sits in the stack
The identity-access foundation — the human (and increasingly agent) front door. It controls access to sensitive data by deciding who/what is authenticated and authorized before anything reaches data or models. It’s the IdP that AI gateways, entitlement-aware-rag, and downstream tools federate against.
Deployment & architecture
SaaS, multi-tenant, delivered as part of Azure / Microsoft 365. Standards-based (SAML, OIDC, OAuth2, SCIM) so it federates to virtually any app. Integrates natively with microsoft-purview, microsoft-sentinel, microsoft-defender, Intune, and Microsoft 365 Copilot. Licensed in tiers (Free, P1, P2); governance and CIEM are add-ons.
Positioning & differentiators
Default-by-bundling: if you pay for Microsoft 365 you already have Entra ID, which makes it the path of least resistance versus standalone okta or ping-identity. Strongest where the estate is Microsoft-centric (Windows, Office, Azure). Weaker as a neutral, best-of-breed IdP for heterogeneous or heavy-CIAM environments, where Okta/Auth0 or Ping are often preferred. Governance (Entra ID Governance) is newer and lighter than dedicated sailpoint/saviynt.
Ownership, funding & M&A
Microsoft product; not separately funded. Public parent (Nasdaq: MSFT). Ownership confidence high. No M&A relevant to the unit itself.
CTO / hedge-fund lens
Day-1, and for most funds it’s already there. A hedge fund running Microsoft 365 effectively already owns its IdP — the work is configuration (Conditional Access, MFA, privileged-role protection), not procurement. For AI specifically, Entra is what your AI gateway, Copilot, and RAG layer should authenticate against so access decisions inherit existing entitlements. Bundled cost and tight Microsoft integration usually make it the default; the question is whether you also want best-of-breed governance on top.
Competitors / alternatives
okta, ping-identity. Governance neighbors: sailpoint, saviynt, veza, conductorone, lumos.
Open questions / to verify
- Exact split of what’s licensed P1 vs P2 vs Governance add-on for a given fund’s needs (verify at purchase).
Sources
- New name for Azure Active Directory — Microsoft Learn — fetched 2026-06-28 — supports: Azure AD→Entra ID rename (July 2023), Entra family scope, ownership; confidence: high
History
- [2026-06-28] Stub created from seed registry.
- [2026-06-28] Researched; established it as Microsoft’s IdP (former Azure AD, renamed July 2023), part of the Entra family; ownership set to public (Microsoft), confidence high; Day-1, high hedge-fund fit (bundled with M365).