A workload identity is an identity used by a software workload (such as an application, service, script, or container) to authenticate and access other services and resources. In the world of Microsoft, we think of this as an application, a service principal, or a managed identity. These accounts differ from traditional user accounts as they can’t perform multi-factor authentication, they don’t usually have a formal lifecycle process, and there’s usually a need to store credentials or secrets somewhere. These differences make workload identities harder to manage and put them at risk for compromise. Join Shannon as she talks about some of the newer features in public preview that can be configured within Azure AD tenants to provide visibility, mitigate risk, and protect your environment with these accounts that aren’t like traditional user accounts.