cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Entra Tech Accelerator
Jun 27 2023, 08:00 AM - 12:00 PM (PDT)
Microsoft Tech Community
Find out more
SOLVED

Azure AD license, is it tenant level or user level?

Jack_Chen1780
Contributor

‎Sep 30 2021 10:21 AM - edited ‎Sep 30 2021 10:31 AM

‎Sep 30 2021 10:21 AM - edited ‎Sep 30 2021 10:31 AM

Azure AD license, is it tenant level or user level?

I am confused how Azure decide which features are available for certain users. 

 

For example, I have two test Azure tenants:

 

Tenant 1: doesn't have any Azure AD premium licenses, and in "Azure AD" -> Overview, the license is showing as "Azure AD Free".

 

If I create a enterprise application and tries to assign a group to the application, I will see a message "Groups are not available for assignment due to your Azure AD plan level"

 

Tenant 2:  it has a 25 user Microsoft 365 E5 Developer license, and in "Azure AD" -> Overview, the license is showing as "Azure AD Premium P2".

 

Here is the part I don't understand: I have two users in Tenant 2, one is admin user and one is regular user. I didn't assign any of them license. I used the admin user to create a Enterprise application, assigned a AAD group to this application, and added the regular user into the group.

 

Tested it and the user can access the application fine ( which means the group permission is working ), but I haven't assigned any of them license yet.

 

It seems the license is on the tenant level, not per user level ? so if I get 25 AAD Premium license, then I can use the group feature for all users? I know it doesn't sound right, would like to have a better understanding.

 

Thanks,

Jack

5,010 Views
0 Likes
4 Replies
Reply
4 Replies
Vasil Michev

‎Sep 30 2021 11:49 PM

‎Sep 30 2021 11:49 PM

Re: Azure AD license, is it tenant level or user level?

As a rule of thumb, Microsoft does not enforce licensing requirements in code. There are exceptions of course. Regardless, it's your job to make sure that your users are properly licensed to use a given functionality, even if there are no soft-blocks for doing so.
1 Like
Reply
best response confirmed by Jack_Chen1780 (Contributor)
HarriJaakkonen

‎Oct 01 2021 08:29 PM

‎Oct 01 2021 08:29 PM

Solution

Re: Azure AD license, is it tenant level or user level?

Hi,

This is what Microsoft says about tenant level services.

"A tenant-level service is an online service that when purchased for any user on the tenant (standalone or as part of Office/Microsoft 365 plans) is activated in part or in full for all users on the tenant. While in these cases some unlicensed users may be able to access the service technically, a license is required for any user that you intend to benefit from the service."

Here is the full pdf on this https://itblog.ldlnet.net/wp-content/uploads/2019/06/Guide-to-MS-O365-Licensing.pdf

I hope this helps,
1 Like
Reply
Chandrasekhar_Arya

‎Oct 06 2021 08:04 AM

‎Oct 06 2021 08:04 AM

Re: Azure AD license, is it tenant level or user level?

I guess the license is on user level can you check and remove if any unused license refer this article for more details https://docs.microsoft.com/en-us/microsoft-365/commerce/licenses/buy-licenses?view=o365-worldwide
Hope that helps
0 Likes
Reply
jebujohn

‎Feb 22 2022 08:10 PM

‎Feb 22 2022 08:10 PM

Re: Azure AD license, is it tenant level or user level?

Vasil, If I want to use a conditional access policy for a subset of my enterprise (finance team), would I need to have azure ad premium p1 for the entire tenant or only for my finance team?
I need to ensure that the finance team is able to login in from certain locations and place more restrictions on them. Everybody is on the same tenant.
0 Likes
Reply