Microsoft Azure Active Directory (AD) processes 1 billion authentications a day

Kareem Anderson

Azure AD processes 1 billion authentications a day

When it comes to cloud management, Microsoft is bringing the same high level functionality of previous on-premise solutions but at a much faster clip for the cloud. Azure, Office 365, and Azure Active Directory (AD) are becoming a robust set of solutions for small to medium businesses, that are looking for simplicity and cost-saving measures.

Alex Simons, Azure Active Directory employee, took to the team blog to address some commonly asked questions, and share some insights gained from businesses that are moving to the cloud.

Simons found when businesses were ready to use Microsoft cloud solutions they often asked one of two-or both, questions:

“What’s the best way to connect my on-premises directory to Office 365 -and- what’s the best way to connect my on-premises directory to Azure?”

Fortunately for Simons, he was ready with detailed answers.

Since Office 365 and Azure do not connect directly to on-premises directories, businesses typically us Azure AD to identify systems and handle identity connections. Simons contests that this form of specialization helps to simplify cloud connections by allowing Azure AD to make a single connection to several Microsoft services and 3rd parties. With that answer, the real question for businesses becomes, “How should my organization provision identities into Azure AD? And which authentication options should we use,” Simons says.

Based on the numbers, this process of Azure AD deployment seems to be going quite well.

Azure AD processes 1 billion authentications a day

  • 4.9M organizations are using Azure AD to manage > 430M identities
  • The majority of the 4.9M are smaller businesses and have < 500 employees.
  • A subset of the 4.9M organizations are medium/large and have 500 or more employees. Because these organizations are comparatively large, they account for 93% of identities in Azure AD.
  • 55% of them are using Azure AD Sync (or its predecessor DirSync) to provision identities in Azure AD.
  • 2% of them are using a 3rd party cloud identity service (i.e. Centrify, Okta, OneLogin, etc.) for provisioning.
  • Another 2% use a wide variety of home grown and custom provisioning tools.
  • The remainder are using one of our portals (Azure or Office365) and PowerShell scripts for provisioning

Simons also provides us some more numbers about Azure AD authentication.

Azure AD processes 1 billion authentications a day

  • Azure AD processes over 1 billion authentications a day and some days they can reach upwards of 2 billion.
  • 56% are cloud only and completed directly by Azure AD
  • 32% are completed by an ADFS server deployed at a customer site
  • 7% are completed using a password that was synced from on-premises using our Password Sync feature
  • Just over 1% are completed by syndication partners (i.e. large companies who resell Microsoft services)
  • Just under 1% are completed by a 3rd third party federation server (i.e. CA Site Minder, Ping, etc.)
  • Just under 1% are completed by a 3rd party identity service (i.e. a company like Centrify, Okta, OneLogin, etc.)
  • The remaining 1% are completed with a variety of open source and custom solutions.

These numbers show Microsoft’s Azure AD is offering a new level flexibility that is evolving with the needs of small to medium business that lean on the cloud.