Microsoft Azure AD B2B Articles
Microsoft Azure AD B2B Articles in Perfect Harmony with EUM
Azure Business-to-Business (B2B) is a service that our Extranet User Manager solution and team fully support! For that reason, we have organized and will keep current, all of the latest resources available on this service which is offered directly from Microsoft. This valued service allows us to create a perfectly paired hybrid solution between Azure B2B and Extranet User Manager. While we utilize Azure B2B to perform the authentication, our Extranet User Manager solution offers enhanced account management, customizable self registration options, and ultimately enables delegation from IT to your business users. This will empower your organization to achieve more when collaborating and sharing information externally!
Jump to article summary:
- Billing model for Azure AD External Identities
- What is Azure AD entitlement management?
- What are Azure AD access reviews?
- Restrict guest user access permissions - Azure Active Directory
- Azure Active Directory B2B collaboration FAQs
- Add Google as an Identity Provider for B2B Guest Users
- Enforce Multi-Factor Authentication for B2B Guest Users
- Email One-Time Passcode Authentication (preview)
- Azure AD Makes Sharing and Collaboration Seamless for Any User with Any Account
- Exciting Improvements to the B2B Collaboration Experience
- Application management with Azure Active Directory
- Conditional Access for B2B Collaboration Users
- Billing model for Azure AD External Identities
- Azure Active Directory B2B: Collaboration Made Efficient and Secure
- Dynamic Groups and Azure Active Directory B2B Collaboration
- What is guest user access in Azure Active Directory B2B?
- Getting Support for B2B Collaboration
- Properties of An Azure Active Directory B2B Collaboration User
- Azure Active Directory B2B Collaboration Invitation Redemption
- Microsoft 365 external sharing and Azure Active Directory (Azure AD) B2B collaboration
- Self-Service Portal for Azure Active Directory B2B Collaboration Sign-Up
- Configure SaaS Apps for B2B Collaboration
- Delegate Invitations for Azure Active Directory B2B Collaboration
- How users in your organization can invite guest users to an app
- Limitations of Azure Active Directory B2B Collaboration
- The Elements of The B2B Collaboration Invitation Email
- Auditing and Reporting a B2B Collaboration User
- Azure Active Directory B2B Collaboration API And Customization
- Bulk invite Azure AD B2B collaboration users
- Add B2B collaboration guest users without an invitation link or email
- B2B Collaboration User Claims Mapping in Azure Active Directory
- What are External Identities in Azure Active Directory?
- Grant Permissions to Users from Partner Organizations in Your Azure Active Directory Tenant
- Add Azure Active Directory B2B collaboration users in the Azure portal
- Azure Active Directory B2B Ideas
- Use Office 365 SharePoint Online as A Business-To-Business (B2B) Extranet Solution
Billing model for Azure AD External Identities
September 21, 2020
Azure Active Directory (Azure AD) External Identities pricing is based on monthly active users (MAU), which is the count of unique users with authentication activity within a calendar month. This billing model applies to both Azure AD guest user collaboration (B2B) and Azure AD B2C tenants..
September 30, 2020
Azure Active Directory (Azure AD) entitlement management is an identity governance feature that enables organizations to manage identity and access lifecycle at scale, by automating access request workflows, access assignments, reviews, and expiration..
Septmeber 8, 2020
Azure Active Directory (Azure AD) access reviews enable organizations to efficiently manage group memberships, access to enterprise applications, and role assignments. User's access can be reviewed on a regular basis to make sure only the right people have continued access
Restrict guest user access permissions - Azure Active Directory
September 4, 2020
Azure Active Directory (Azure AD) allows you to restrict what external guest users can see in their organization in Azure AD. Guest users are set to a limited permission level by default in Azure AD, while the default for member users is the full set of default user permissions. This is a preview of a new guest user permission level in your Azure AD organization's external collaboration settings for even more restricted access.
March 19, 2020
These frequently asked questions (FAQs) about Azure Active Directory (Azure AD) business-to-business (B2B) collaboration are periodically updated to include new topics.
May 11, 2020
By setting up federation with Google, you can allow invited users to sign in to your shared apps and resources with their own Google accounts, without having to create Microsoft Accounts (MSAs) or Azure AD accounts.
April 10, 2019
When collaborating with external B2B guest users, it’s a good idea to protect your apps with multi-factor authentication (MFA) policies. Then external users will need more than just a user name and password to access your resources. In Azure Active Directory (Azure AD), you can accomplish this goal with a conditional access policy that requires MFA for access.
May 11, 2020
Learn how to opt into the one-time passcodes preview by going through the tutorial in this article. The email one-time passcode feature authenticates B2B guest users when they can't be authenticated through other means like Azure AD, a Microsoft account (MSA), or Google federation. With one-time passcode authentication, there's no need to create a Microsoft account. When the guest user redeems an invitation or accesses a shared resource, they can request a temporary code, which is sent to their email address. Then they enter this code to continue signing in.
January 28, 2019
First initial announcement made by Alex Simons about the B2B Collaboration public preview of email one-time passcodes (OTP), which lets you support B2B sharing with anyone in the world with an email account! With email OTP, any partner who doesn't have an existing Microsoft-backed account or Google social ID can seamlessly access shared resources and collaborate without having to create a new account which was a big hurdle for adoption of B2B for many organizations.
September 7, 2018
More and more organizations are using Azure AD B2B collaboration capabilities to connect with other organizations. This post from Alex Simons announces three important improvements to the B2B collaboration experience that not only improve the end-to-end experience of partner users accessing your resources, but also help support your organization's obligations under the GDPR.
July 1, 2020
This article contains a list of all documents that are written surrounding the various application related features within Azure Active Directory. At a high-level, the list includes overview articles, troubleshooting articles, single sign on (SSO) articles, applications and Azure AD articles, as well as managing access to applications articles.
September 11, 2017
Azure Active Directory B2B can enforce Multi-Factor Authentication (MFA) for B2B users. The policies that determine when the MFA is triggered are enforced at the resource organization. This article contains informative step by step sequence videos of both the administrator's role in enabling MFA for B2B collaboration users as well as the end user redemption experience.
September 1, 2020
No longer do you have to dread the word licensing as this article helps provide clarification and guidance surrounding your Azure Active Directory B2B licensing. At a high level, you need to determine the Azure AD capabilities your external B2B guest users will require as that will drive the number of Azure AD paid licenses you require. Advanced features such as Multi-Factor Authentication or conditional access require an Azure AD Premium license as the Azure AD Basic license does not support these functionalities. Currently, an Azure AD paid license allows for a ratio of 5:1; 5 B2B collaboration users per 1 paid Azure AD license. This article additionally paints some licensing examples to help you determine the required licenses for your users and differentiates a guest user from a normal user.
June 29, 2017
In this webinar from Oxford Computer Group's Chris Lloyd, he looks at the B2B service and demonstrates an example of a self-registration portal. With API access now enabled, organizations can build self-service portals.
February 28, 2020
This article defines what exactly dynamic groups are. With a single click an “All Users" dynamic group can be created from the Group Settings view. You can further secure this group by excluding guests through a rule. On the flip side, you can create dynamic groups that only contain guest users.
August 5, 2020
An overview of Azure AD B2B, the key benefits, and how you can easily add B2B collaboration users to your organization.
August 28, 2017
This article outlines what steps you need to take to get support for B2B if something is not working properly.
June 19, 2020
This article touches on the key properties of an Azure AD B2B collaboration user. Learn how an Azure AD B2B user can be added as a member instead of a guest. Use a filter to see only guest users in the directory. Convert the UserType from member to guest and vice versa using PowerShell. And see how guest user limitations can be removed.
May 11, 2020
Understanding your external partner audience and the user experience they expect can help you gauge whether leveraging Azure B2B collaboration is the right solution for your scenario. This article explains two cases of invitation redemption, the first is for existing Azure AD accounts or Microsoft accounts and the second is for a Social ID user first-time redemption (Gmail). There is a video to depict this process that follows this sequence:
- Invite a user from SampleOrganization with their Gmail Address
- Invitee receives Azure B2B collaboration email and clicks “Get Started"
- Clicks next of the redemption page
- Creates password for Microsoft account with original Gmail Address
- Enters 4-digit verification code that was sent to their Gmail Address
- Azure AD redeems their invitation and provides access to desired applications
June 24, 2020
External sharing is technically the same in both Office 365 and Azure AD B2B. This article outlines the subtle differences between how OneDrive/SharePoint Online external sharing works and how Azure AD B2B collaboration works.
February 12, 2020
With Microsoft's API, users from partner companies can sign themselves up to the inviting organization themselves. There is a set of policies in place that the inviting organization controls as well as rules that determine which apps they can access. The project is published on GitHub. The sample code should be customized by your dev team or a partner.
May 22, 2017
Azure Active Directory B2B collaboration is compatible with many applications that integrate with Azure AD. This article contains step-by-step instructions for configuring two of the more popular SaaS apps with Azure AD B2B.
September 15, 2020
Users can be assigned to the Guest Inviter role to send out invitations. The invitation policies are completely customizable for who can send invitations.
December 18, 2018
Information workers can use the Application Access Panel to add B2B collaboration users to groups and applications that they administer.
May 29, 2019
This article describes the current limitations of Azure AD B2B collaboration, which include:
- Possible double multi-factor authentication
- The fact that it is instant-on
April 15, 2020
The invitation email will be the first interaction your partner has with your Office 365/SharePoint Online environment. Ensuring that email contains the desired elements to gain the trust of that external partner user is crucial to the success of Azure B2B based collaboration. This article will review the following elements:
- From address
- Reply to
- Call to action
- Footer section
May 11, 2020
The auditing capabilities of guest users is similar to that of member users. You can get the full details and export the logs to a reporting tool of your choice.
April 10, 2017
Often the Out of Box experience does not quite fit your organizational external collaboration scenario and you'd like to enhance that experience for your external users. Microsoft's Azure Active Directory B2B collaboration API allows you to achieve this. The API contains several new capabilities and supports two authorization modes. Additionally, PowerShell can now be used to add and invite external users to your organization.
May 5, 2020
Using PowerShell, external users can be invited in bulk to an organization from email addresses stored in a .CSV file. The example is outlined step-by-step. And in a sample of code it is illustrated how to call the invitation API in app-only mode to get the redemption URL for the resource. The goal of this is to send a custom invitation email to the user.
August 5, 2020
This article deals with appointing a Guest user as a partner representative at the partner organization. Once granted enumeration privileges in the partner directory, they will have the ability to add additional users from that partner organization without the need for invitations to be redeemed.
April 5, 2018
Learn about the reasons why you might need to edit claims issued in the SAML token.
August 5, 2020
Compare the capabilities of each offering of B2B and B2C and how they differ. Some of the things compared include:
- Who it is intended for
- Identities supported
- Security policy and compliance
- And many others
May 7, 2018
By default, guest users' permissions are restricted in the directory. Depending on your organization's needs, guest users can be added to the global administrator role as well as the limited administrator role.
May 19, 2020
Global Admins and limited admins can use the Azure portal to invite B2B collaboration users to the directory, to any group, or to any application.
Submit your ideas to Microsoft for new Azure Active Directory B2B features. The feedback is monitored and reviewed by the Microsoft engineering teams responsible for the product.
May 21, 2018
Learn about some of the key features of collaborating through SharePoint Online. When you make the switch to Office 365 for B2B extranet sites there are time-to-value and cost savings, sharing is much more secure, the collaboration is seamless, and you have full control over governance and audit reporting. See the new Office 365 Hybrid Extranet compared to the traditional SharePoint On-Premises Extranet and learn why you should make the switch to Office 365.