IT:AD:Microsoft Account


A Microsoft Account is one of the two types of IdP Accounts associated to an Azure Accounts: * Personal Accounts * Organisational Accounts (also known as an Azure AD Account, or Work/School Account).


package Azure {
class "Account" as AZA

note right of AZA {
Account info
accessible via

package "IdP Identity" as II {
package "Azure AD" as AAD {
class "Personal Account" as PA
class "Microsoft Account" as MA
MA .UP.|> PA

package "Microsoft Live" as ML {
class "Organisation Account" as OA
class "Azure AD Account" as AA
AA .UP.|> OA

AAD -[Hidden]RIGHT- ML

note bottom of MA
Account info
accessible via

end note


Personal Accounts:

  • are personal, consumer accounts, created by individuals themselves (as oppossed to an Org's admin) and stored at
  • services authenticate by redirecting users to sign in via
  • are currently called Microsoft Accounts (Passport Accounts became Live Accounts, which became Microsoft Accounts)
  • Can access services registered in the Azure ADs to which the user has been invited.
    • Note: Azure AD has a federation trust relationship with Hence Azure AD can authenticate “native” org accounts, as well as “guest” consumer Microsoft Accounts.
  • Considerations:
    • There is no API for provisioning Microsoft Accounts, and therefore cannot currently fulfill Organisational (Business/School) provisioning/management/deprovisioning requirements.
A comparison between the two types of Accounts (Personal/Organisation) is available at: IT:AD:Azure:Account.