So far, we have been using SQL authentication to connect to Azure SQL Database, as we did in the previous chapter, via SQL Server Management Studio. Using Azure Active Directory (AD) will provide centralized administration for database users' identities, providing the following benefits:

• Another method of SQL Server authentication
• Controlling the password change for a centralized location
• Assigning user permissions on the database level
• Support of token-based authentication for the applications that connect to the database
• Protection of user profiles across the database servers
• Avoidance of the need to store passwords, as you will be able to use different methods of authentication, which we will cover shortly

In the next chapter, Azure Active Directory will be covered in more detail.

To enable Azure AD authentication for Azure SQL Database, follow these steps:

1. Navigate to the Azure SQL Server that you want to enable this feature for.

2. Under Settings, click on Active Directory admin, as shown in the following screenshot:

3. Click on Set admin, and a new blade will open, in which you can choose the AD user that you want to grant access to that SQL Server, as shown in the following screenshot:

4. Once you are done, click on Save:

5. If you want to connect to Azure SQL Database using your Azure AD user, you can select one of the following authentication methods:
   • Active Directory - Universal with MFA support: You can use this option if MFA is enabled for the AD user that you will be logging in with.
   • Active Directory - Password: With this option, you can set the AD user and password manually, in the SSMS.
   • Active Directory - Integrated: This option should be used if you are logged into the machine using your Azure AD user, and you will not have to enter the username and password to log in, as the credentials that you used to log into the machine will be considered.

The following screenshot depicts the Active Directory – Password option: