In the digital world, identity refers to how individuals, organizations and devices prove who they are when accessing services or sharing information. The way this identity is managed can significantly impact privacy, security and user control. Three major approaches are Centralized Identity, Decentralized Identity and Microsoft Verified ID (an implementation of decentralized identity principles).
Centralized Identity
A centralized identity system is one where a single authority manages and verifies the identities of users across multiple services or platforms. Here’s a simple example to illustrate:
Example: Centralized Identity in a Corporate Environment
Scenario: A company utilizes a centralized identity system, Active Directory (AD), to manage employee access to various internal tools, including email, file storage, HR systems and project management platforms.
How it works:
- Each employee has one username and password managed by AD.
- When an employee logs into their computer or accesses any internal tool, the system checks their credentials against AD.
- AD verifies the identity and grants access based on the employee’s role and permissions.
Benefits:
- Single Sign-On (SSO): Employees don’t need to remember multiple passwords.
- Centralized control: IT can easily manage access, reset passwords and revoke permissions.
- Security: Policies like multi-factor authentication (MFA) and password complexity can be enforced uniformly.
Decentralized Identity
A decentralized identity system allows individuals to manage and control their own digital identities without relying on a central authority. Here’s a clear example:
Example: Decentralized Identity Using Blockchain
Scenario: Alice wants to prove her identity to access a financial service online, but she doesn’t want to share her personal data with a centralized provider.
How it works:
- Alice creates a self-sovereign identity (SSI) using a decentralized identity wallet (e.g., Microsoft Entra Verified ID).
- Her identity credentials (e.g., age, citizenship, education) are issued by trusted institutions (like a university or government agency) and stored securely in her wallet.
- These credentials are cryptographically signed and anchored on a blockchain, ensuring they are tamper-proof and verifiable.
- When Alice needs to prove her identity, she shares only the necessary credentials (e.g., “I am over 18”) without revealing her whole identity.
- The service provider verifies the credentials against the blockchain without needing to contact the issuing institution.
Benefits:
- Privacy-preserving: Users share only what’s needed.
- User control: Individuals own and manage their identity.
- Interoperability: Works across platforms and borders.
- Security: Reduces risk of centralized data breaches.
Why Is Entra ID Centralized?
Microsoft Entra ID (formerly Azure Active Directory) is managed by Microsoft and acts as a central identity provider for users, devices and applications. It stores and verifies user credentials, access policies and permissions in a centralized cloud directory. Organizations use Entra ID to control access to Microsoft 365, Azure and thousands of third-party apps from a single platform. Its enterprise features include:
- Single Sign-On (SSO)
- Multi-Factor Authentication (MFA)
- Conditional Access
- Identity Governance
This centralized model simplifies administration and enhances security, but it also means that identity data is dependent on and controlled by Microsoft.
Microsoft Entra Verified ID
Microsoft Entra Verified ID is a decentralized identity platform that allows individuals and organizations to issue, hold and verify Verifiable Credentials (VCs) using Decentralized Identifiers (DIDs).
Key Features of Entra Verified ID:
- Self-sovereign identity: Users control their credentials and decide what to share.
- Verifiable Credentials: Digitally signed claims issued by trusted entities (e.g., universities, employers).
- Decentralized Identifiers (DIDs): Unique identifiers that are not tied to a central registry.
- Blockchain-backed: Uses open standards and distributed ledgers to anchor identity data.
- Privacy-preserving: Enables selective disclosure of information (e.g., proving age without revealing birthdate).
Use Case Example:
An employee receives a digital credential from their company confirming their role. When accessing a partner system, they present only the necessary credentials (e.g., job title) without exposing their whole identity. The partner verifies the credential cryptographically without contacting the issuing company.
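The use case above and the earlier Alice walkthrough both rest on two mechanics: the verifier checks the issuer's signature offline, and the holder reveals only selected claims. The sketch below is an added example, not code from this article or from Microsoft, and it is not the Entra Verified ID wire format; it uses salted hash digests (the approach SD-JWT takes) with Ed25519 from Node's built-in crypto module. The DIDs, claim names and the trusted-issuer map are assumptions, and in practice the issuer's public key would be resolved from its DID document.

```javascript
// Added illustration: salted-hash selective disclosure, not Entra Verified ID's format.
const crypto = require('node:crypto');

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('base64url');

// Issuer: commit to each claim with a salted digest, then sign the digest list.
function issueCredential(issuerKey, issuerDid, subjectDid, claims) {
  const disclosures = Object.entries(claims).map(([name, value]) =>
    JSON.stringify([crypto.randomBytes(16).toString('base64url'), name, value]));
  const payload = JSON.stringify({
    iss: issuerDid, sub: subjectDid, digests: disclosures.map(sha256).sort(),
  });
  const signature = crypto.sign(null, Buffer.from(payload), issuerKey).toString('base64url');
  return { payload, signature, disclosures }; // everything here lives in the holder's wallet
}

// Holder: reveal only the chosen claims; the rest remain opaque digests.
function present(credential, reveal) {
  const disclosures = credential.disclosures.filter((d) => reveal.includes(JSON.parse(d)[1]));
  return { payload: credential.payload, signature: credential.signature, disclosures };
}

// Verifier: check the issuer signature offline, then match each disclosure to a signed digest.
function verifyPresentation(presentation, trustedIssuers) {
  const { iss, sub, digests } = JSON.parse(presentation.payload);
  const issuerPublicKey = trustedIssuers.get(iss);
  if (!issuerPublicKey) return { ok: false, reason: 'untrusted issuer' };
  const sigOk = crypto.verify(null, Buffer.from(presentation.payload), issuerPublicKey,
    Buffer.from(presentation.signature, 'base64url'));
  if (!sigOk) return { ok: false, reason: 'bad signature' };
  const claims = {};
  for (const d of presentation.disclosures) {
    if (!digests.includes(sha256(d))) return { ok: false, reason: 'claim not signed by issuer' };
    const [, name, value] = JSON.parse(d);
    claims[name] = value;
  }
  return { ok: true, subject: sub, claims };
}

// Constructed sample data: the DIDs, key pair and claims are made up for this example.
const issuer = crypto.generateKeyPairSync('ed25519');
const ISSUER_DID = 'did:example:employer';
const trusted = new Map([[ISSUER_DID, issuer.publicKey]]);
const credential = issueCredential(issuer.privateKey, ISSUER_DID, 'did:example:employee',
  { name: 'Sample Employee', employeeId: 'E-0001', jobTitle: 'Procurement Lead' });
const shown = present(credential, ['jobTitle']);
console.log(verifyPresentation(shown, trusted));
```

The sketch leaves out holder binding (proof that the presenter controls the subject DID), expiry and revocation checks, all of which a production verifier also needs.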
Standards Used:
- W3C Decentralized Identifiers
- W3C Verifiable Credentials
- DIF Sidetree
- DIF Well-Known DID Configuration
- DIF DID-SIOP
- DIF Presentation Exchange
Identity Models Compared
Centralized and decentralized identity systems serve distinct purposes in the digital identity landscape. Microsoft Entra ID exemplifies centralized identity management, offering robust enterprise features such as Single Sign-On, Multi-Factor Authentication and centralized governance, ideal for internal organizational control and security. In contrast, Microsoft Entra Verified ID embraces a decentralized approach, empowering individuals with self-sovereign identity through verifiable credentials and blockchain-backed trust. This model enhances privacy, portability and cross-platform interoperability, making it well-suited for scenarios that require secure, user-controlled identity verification across organizational and geographic boundaries. Together, these solutions reflect Microsoft’s commitment to supporting both enterprise-grade identity management and the future of decentralized digital identity.
WRITTEN BY Kuino Dalstia
S. Kuino Dalstia is a Subject Matter Expert and MCT at CloudThat, specializing in Microsoft Azure. With 17 years of experience in training and academics, she has trained over 5,000 professionals to upskill in Architect, Administrator and Security. Known for simplifying complex concepts through real-world analogies, she brings deep technical knowledge and practical application into every learning experience. Kuino’s passion for teaching reflects in her unique approach to learning and development.
November 25, 2025