Learn to plan, deploy, and manage secure authentication in Microsoft Entra ID. This module covers authentication methods, MFA with Conditional Access, passwordless options, and self-service password reset.
After completing this module, you'll be able to:
- Describe Microsoft Entra ID authentication methods and authentication strength concepts.
- Configure multifactor authentication using Conditional Access policies and named locations.
- Implement passwordless authentication methods, including Windows Hello for Business, passkeys, and FIDO2 security keys.
- Configure self-service password reset for users in a hybrid environment.
Implement Just-in-Time privileged access using Privileged Identity Management (PIM) to reduce standing privilege across Microsoft Entra roles, Azure resources, and group-based access used by AI workloads and applications.
After completing this module, you will be able to:
- Explain why privileged identity management and just-in-time access are critical to a zero-trust security strategy
- Describe the core capabilities and assignment types in Privileged Identity Management (PIM)
- Implement just-in-time access for Microsoft Entra roles using PIM
- Implement just-in-time access for Azure resource roles using PIM
- Scale just-in-time group access using PIM for Groups
- Apply just-in-time access patterns to AI workloads, agents, and applications
- Apply design principles and best practices for just-in-time privileged access
When building apps for work, you typically integrate with secured APIs. Learn about the two common ways of how APIs are secured – API key and OAuth2, and how to integrate with them when building an API plugin for declarative agents that run in Microsoft 365 Copilot.
By the end of this module, you're able to:
- Identify how an API is secured
- Design a secure way to integrate an API plugin for Microsoft 365 Copilot with an API
- Integrate an API plugin with an API secured with an API key
- Integrate an API plugin with an API secured with OAuth2
- Run the API plugin in Microsoft 365 Copilot to validate the results

Syllabus

Manage and implement authentication methods in Microsoft Entra ID
- Introduction
- Explore Microsoft Entra ID authentication methods
- Configure multifactor authentication in Microsoft Entra ID
- Implement passwordless authentication in Microsoft Entra ID
- Configure self-service password reset in Microsoft Entra ID
- Exercise - Configure authentication methods in Microsoft Entra ID
- Module assessment
- Summary
Implement and configure Privileged Identity Management (PIM)
- Introduction
- Why Privileged Identity Management and just-in-time access matter
- Core capabilities of Privileged Identity Management (PIM)
- Implement just-in-time access for Microsoft Entra roles
- Implement just-in-time access for Azure roles and resources
- Scaling with PIM for Groups
- Applying JIT access to AI workloads, agents, and applications
- JIT design patterns and best practices
- Module assessment
- Summary
Authenticate your API plugin for declarative agents with secured APIs
- Introduction
- Integrate an API plugin with an API secured with a key
- Exercise - Integrate an API plugin with an API secured with a key
- Integrate an API plugin with an API secured with OAuth
- Exercise - Integrate an API plugin with an API secured with OAuth
- Module assessment
- Summary