User and group management

Efficiently manage user identities and groups with Azure Active Directory (Azure AD).

What is user and group management?

Managing users and groups is fundamental to identity and access management. At its core, user and group management consists of creating and updating identities, and setting rules for the resources each user identity can access. It also includes assigning sets of users to groups for efficient management.

Manage users and groups in Azure AD

Explore user management and group features in Azure AD with this seven-part Microsoft Learn module.

User and group management in Azure AD

Azure AD provides user management services for IT administrators, including assigning licenses, delegating permissions, and assigning access to apps.

Top user and group management tasks

Learn about the relationship between user identity management tasks in terms of groups, licenses, deployed enterprise apps, and administrator roles.

Group-based licensing

Assign Microsoft service licensing at a group level for large-scale management and automation based on organization changes.

App management and resource access

Use groups to more efficiently manage access to your cloud-based apps, on-premises apps, and resources such as SharePoint site membership.

Dynamic group assignment

Automate access compliance with custom-built rules that determine group membership based on user properties, such as job function.

Take a deep dive into Azure AD user management

Additional resources

How-to guides

See step-by-step guidance for adding, updating, and removing user identities from Azure AD.


Learn to automatically add users to groups based on their identity properties.


Start assigning licenses to users and groups.

Azure AD is your identity control plane in the cloud. Manage user and group access to software as a service (SaaS) apps, custom apps, and on-premises apps.