As of November 2022, Here I’ve prepared detailed feature comparison table on AzureAD Premium License.
Microsoft Azure Active Directory is a comprehensive identity and access management cloud solution that combines core directory services, application access management and advanced identity protection.
| No | Category | Features | AzureAD Free | AzureAd Premium Plan1 | AzureAD Premmium Plan2 |
| 1 | Authentication, single sign-on and multifactor authentication (MFA) | Cloud authentication (Pass-through authentication, password hash synchronization) | YES | YES | YES |
| Federated authentication (Active Directory Federation Services or federation with other identity providers) | YES | YES | YES | ||
| Single sign-on (SSO) unlimited | YES | YES | YES | ||
| Multifactor authentication (MFA) | YES | YES | YES | ||
| Passwordless (Windows Hello for Business, Microsoft Authenticator, FIDO2 security key integrations | YES | YES | YES | ||
| Service-level agreement | NO | YES | YES | ||
| SaaS apps with modern authentication (Azure AD application gallery apps, SAML, and OAUTH 2.0) | YES | YES | YES | ||
| 2 | Applications Access | Group assignment to applications | NO | YES | YES |
| Cloud app discovery (Microsoft Defender for Cloud Apps) | NO | YES | YES | ||
| Application Proxy for on-premises, header-based, and Integrated Windows Authentication | NO | YES | YES | ||
| Secure hybrid access partnerships (Kerberos, NTLM, LDAP, RDP, and SSH authentication) | YES | YES | YES | ||
| 3 | Authorization and Conditional Access | Role-based access control (RBAC) | YES | YES | YES |
| Conditional Access | NO | YES | YES | ||
| SharePoint limited access | NO | YES | YES | ||
| Session lifetime management | NO | YES | YES | ||
| Identity Protection (Risky sign-ins, risky users, risk-based conditional access) | NO | NO | YES | ||
| Custom security attributes | NO | YES | YES | ||
| 4 | Administration and hybrid identity | User and group management | YES | YES | YES |
| Advanced group management (Dynamic groups, naming policies, expiration, default classification) | NO | YES | YES | ||
| Directory synchronization—Azure AD Connect (sync and cloud sync) | YES | YES | YES | ||
| Azure AD Connect Health reporting | NO | YES | YES | ||
| Delegated administration—built-in roles | YES | YES | YES | ||
| Global password protection and management – cloud-only users | YES | YES | YES | ||
| Global password protection and management – custom banned passwords, users synchronized from on-premises Active Directory | NO | YES | YES | ||
| Microsoft Identity Manager user client access license (CAL) | NO | YES | YES | ||
| 5 | End-user self-service | Application launch portal (My Apps) | YES | YES | YES |
| User application collections in My Apps | YES | YES | YES | ||
| Self-service account management portal (My Account) | YES | YES | YES | ||
| Self-service password change for cloud users | YES | YES | YES | ||
| Self-service password reset/change/unlock with on-premises write-back | NO | YES | YES | ||
| Self-service sign-in activity search and reporting | NO | YES | YES | ||
| Self-service group management (My Groups) | NO | YES | YES | ||
| Self-service entitlement management (My Access) | NO | NO | YES | ||
| 6 | Identity Governance | Automated user provisioning to apps | YES | YES | YES |
| Automated group provisioning to apps | NO | YES | YES | ||
| HR-driven provisioning | NO | YES | YES | ||
| Terms of use attestation | NO | YES | YES | ||
| Access certifications and reviews | NO | NO | YES | ||
| Entitlements management | NO | NO | YES | ||
| Privileged Identity Management (PIM), just-in-time access | NO | NO | YES | ||
| 7 | Event logging and reporting | Basic security and usage reports | YES | YES | YES |
| Advanced security and usage reports | NO | YES | YES | ||
| Identity Protection: vulnerabilities and risky accounts | NO | NO | YES | ||
| Identity Protection: risk events investigation, SIEM connectivity | NO | NO | YES | ||
| 8 | Frontline workers | SMS sign-in | NO | YES | YES |
| Shared device sign-out | NO | YES | YES | ||
| Delegated user management portal (My Staff) | NO | YES | YES |
Premium P1
Designed to empower organisations with more demanding identity and access management needs, Azure Active Directory Premium edition adds feature-rich enterprise-level identity management capabilities and enables hybrid users to seamlessly access on-premises and cloud capabilities. This edition includes everything you need for information worker and identity administrators in hybrid environments across application access, self-service identity and access management (IAM) and security in the cloud.
Premium P2
Azure Active Directory Premium P2 includes every feature of all other Azure Active Directory editions enhanced with advanced identity protection and privileged identity management capabilities.
Feature comparisons for each tier located on Active Directory documentation.
Hello,
Do you have an artical on azure information Protection
Yes, you can check Azure Information Protection here