Please clarify what licenses are needed exactly

[gijsebaert]

It is very unclear for me what licenses every user needs for the Identity Governance.

• Could there be clarifications on what users need P1, P2 or Governance license? Administrators that configure need a P2 or Governance license, but what about users that will make use of an ID Governance feature?

• What about external users? Are they out of scope for these licenses or do we need to bring on a license for every external user?

Kind regards, Gilles Ijsebaert

---

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: c48d98ed-5170-140d-59cc-344c755311cc
• Version Independent ID: 0ace47ad-ae37-5b99-0bc0-63f0d05f8ed6
• Content: Microsoft Entra ID Governance licensing fundamentals - Microsoft Entra
• Content Source: articles/active-directory/governance/licensing-fundamentals.md
• Service: active-directory
• Sub-service: hybrid
• GitHub Login: @billmath
• Microsoft Alias: billmath

[SaibabaBalapur-MSFT]

@gijsebaert It would be great if you could add a link to the documentation you are following for these steps? This would help us redirect the issue to the appropriate team. Thanks!!

[gijsebaert]

Ofcourse, it can be found over here! I was to quick, I'm sorry for that!

https://learn.microsoft.com/en-us/azure/active-directory/governance/licensing-fundamentals

[SaibabaBalapur-MSFT]

@gijsebaert Regarding the licenses required for users, creating eligible authorizations requires an Enterprise Mobility + Security E5 (EMS E5) or Azure AD Premium P2 license. The EMS E5 or Azure AD Premium P2 license must be held by the managing tenant, not the customer tenant.

Any extra costs associated with an eligible role will apply only during the period of time in which the user elevates their access to that role.

For more information about licenses for users, you can refer to the following document. License requirements to use Privileged Identity Management.

Since this issue isn't directly related to improving our docs, and to gain a better understanding of your issue, I'd recommend working closer with our Q&A forum by posting your issue there so our community, and MVPs can further assist you in troubleshooting this issue or finding potential workarounds. Teams Q&A forum for technical questions about the configuration and administration of Microsoft Teams on Windows.Microsoft Teams Community forum.

I hope this helps! Let me know if you have any other questions.