Skip to main content

Entra ID Architecture

This page is for the mental models behind Entra ID.

The goal is to make identity topics easier to reason about before getting lost in individual settings, policies, or troubleshooting steps.

Questions this section should answer

What is the role of a tenant in the overall model?
How should users, groups, apps, and permissions relate to each other?
Which identity boundaries matter most in practice?
Where do authentication, authorization, and governance overlap?

Notes I want to build here

tenant-level mental models
users, groups, roles, and administrative boundaries
enterprise applications and app registrations
conditional access in the larger access model
identity governance and lifecycle thinking

Writing principle

If a topic feels complicated, I want to explain it first in plain operational language and only then go deeper into the platform details.

Questions this section should answer
Notes I want to build here
Writing principle