What is a device identity?

A device identity is an object in Microsoft Entra ID. This device object is similar to users, groups, or applications. A device identity gives administrators information they can use when making access or configuration decisions.

Devices displayed in Microsoft Entra Devices blade

There are three ways to get a device identity:

  • Microsoft Entra registration
  • Microsoft Entra join
  • Microsoft Entra hybrid join

Device identities are a prerequisite for scenarios like device-based Conditional Access policies and Mobile Device Management with the Microsoft Intune family of products.

Modern device scenario

The modern device scenario focuses on two of these methods:

Microsoft Entra hybrid join is seen as an interim step on the road to Microsoft Entra join. Microsoft Entra hybrid join provides organizations support for downlevel Windows versions back to Windows 7 and Server 2008. All three scenarios can coexist in a single organization.

Resource access

Registering and joining devices to Microsoft Entra ID gives users Seamless Sign-on (SSO) to cloud-based resources.

Devices that are Microsoft Entra joined benefit from SSO to your organization's on-premises resources.

Provisioning

Getting devices in to Microsoft Entra ID can be done in a self-service manner or a controlled process managed by administrators.

Next steps