|
Azure Active Directory Free |
Azure Active Directory Basic |
Azure Active Directory Premium P1 |
Azure Active Directory Premium P2 |
Office 365 apps only |
Common features |
Directory objects1 |
500,000 object limit |
No object limit |
No object limit |
No object limit |
No object limit for Office 365 user accounts |
User/group management (add/update/delete), user-based provisioning, device registration, password change, synchronization tools for “on-premises to cloud” directory integration (Azure AD Connect) |
Yes |
Yes |
Yes |
Yes |
Yes |
Single Sign-On (SSO) |
10 apps per user2(pre-integrated SaaS and developer-integrated apps) |
10 apps per user2 (free tier + Application proxy apps) |
No limit (free, Basic tiers + Self-Service App Integration templates4) |
No limit (free, Basic tiers + Self-Service App Integration templates4) |
10 apps per user2(pre-integrated SaaS and developer-integrated apps) |
Security/usage reports |
Basic reports |
Basic reports |
Advanced reports |
Advanced reports |
Basic reports |
Premium + Basic features |
Group-based access management/provisioning |
Yes |
Yes |
Yes |
Self-service password reset for cloud users |
Yes |
Yes |
Yes |
Yes |
Company branding (logon pages/access panel customization) |
Yes |
Yes |
Yes |
Yes |
Application proxy |
Yes |
Yes |
Yes |
SLA 99.9% |
Yes |
Yes |
Yes |
Yes |
Premium features |
Self-Service Group and app Management/Self-Service application additions/ Dynamic Groups |
Yes |
Yes |
Self-service password reset/change/unlock with write-back to on-premises directories |
Yes |
Yes |
Multi-Factor Authentication (cloud and on-premises (MFA server)) |
Yes |
Yes |
Limited cloud-only for Office 365 Apps |
MIM CAL + MIM Server3 |
Yes |
Yes |
Cloud app discovery |
Yes |
Yes |
Connect Health |
Yes |
Yes |
Conditional Access based on group and location |
Yes |
Yes |
Conditional Access based on device state (allow access from managed devices) |
Yes |
Yes |
Identity Protection |
Yes |
Privileged Identity Management |
Yes |
Windows 10 + Azure AD Join related features |
Join a Windows 10 device to Azure AD, Desktop SSO, Microsoft Passport for Azure AD, Administrator Bitlocker recovery |
Yes |
Yes |
Yes |
Yes |
Yes |
Windows 10 + Azure AD Join related features |
MDM auto-enrollment, Self-service Bitlocker recovery, additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State Roaming |
Yes |
Yes |