Most organizations do not have a single, accurate inventory of all applications in use. Users often adopt cloud apps without IT approval, legacy systems remain in place for years, and authentication methods vary widely across apps.
Before enforcing access policies or SSO, administrators must first answer key questions:
Which applications are being used.
How users authenticate to those applications.
Whether authentication can be centralized in Microsoft Entra.
Who should manage applications and at what privilege level.
This module introduces the tools and processes used to answer these questions. It emphasizes visibility first, control second, which is a recurring design principle in Microsoft Entra.