Users, Groups, and Tenants

Every Azure environment begins with a tenant, and within that tenant live the users and groups that form the foundation of your identity management strategy. This lesson explores how to create, manage, and organise these identity objects.

Understanding the Tenant

A tenant represents a single organisation in Microsoft Entra ID. When your organisation signs up for Azure, Microsoft 365, or any other Microsoft cloud service, a tenant is automatically created.

Tenant Properties

Property	Description
Tenant ID	A globally unique GUID (e.g., `72f988bf-86f1-41af-91ab-2d7cd011db47`)
Primary domain	The default `.onmicrosoft.com` domain
Custom domains	Verified domains you add (e.g., `contoso.com`)
Country or region	Determines the data-residency location

Multi-Tenant vs Single-Tenant

Single-tenant — one tenant per organisation (most common)
Multi-tenant — some large organisations use separate tenants for subsidiaries, mergers, or regulatory isolation

You can establish cross-tenant access settings (B2B collaboration) to share resources between tenants.

Managing Users

User Types

Entra ID supports two primary user types:

Users, Groups, and Tenants

Users, Groups, and Tenants

Understanding the Tenant

Tenant Properties

Multi-Tenant vs Single-Tenant

Managing Users

User Types

More in Cloud