Microsoft Azure AD B2B Articles

Microsoft Azure AD B2B Articles in Perfect Harmony with EUM

Azure Business-to-Business (B2B) is a service that our Extranet User Manager solution and team fully support! For that reason, we have organized and will keep current, all of the latest resources available on this service which is offered directly from Microsoft. This valued service allows us to create a perfectly paired hybrid solution between Azure B2B and Extranet User Manager. While we utilize Azure B2B to perform the authentication, our Extranet User Manager solution offers enhanced account management, customizable self registration options, and ultimately enables delegation from IT to your business users. This will empower your organization to achieve more when collaborating and sharing information externally!

Jump to article summary:


October 28, 2018

These frequently asked questions (FAQs) about Azure Active Directory (Azure AD) business-to-business (B2B) collaboration are periodically updated to include new topics.

Back to top

December 16, 2018

By setting up federation with Google, you can allow invited users to sign in to your shared apps and resources with their own Google accounts, without having to create Microsoft Accounts (MSAs) or Azure AD accounts.

Back to top

June 6, 2018

When collaborating with external B2B guest users, it’s a good idea to protect your apps with multi-factor authentication (MFA) policies. Then external users will need more than just a user name and password to access your resources. In Azure Active Directory (Azure AD), you can accomplish this goal with a conditional access policy that requires MFA for access.

Back to top

January 24, 2019

Learn how to opt into the one-time passcodes preview by going through the tutorial in this article. The email one-time passcode feature authenticates B2B guest users when they can't be authenticated through other means like Azure AD, a Microsoft account (MSA), or Google federation. With one-time passcode authentication, there's no need to create a Microsoft account. When the guest user redeems an invitation or accesses a shared resource, they can request a temporary code, which is sent to their email address. Then they enter this code to continue signing in.

Back to top

January 28, 2019

First initial announcement made by Alex Simons about the B2B Collaboration public preview of email one-time passcodes (OTP), which lets you support B2B sharing with anyone in the world with an email account! With email OTP, any partner who doesn't have an existing Microsoft-backed account or Google social ID can seamlessly access shared resources and collaborate without having to create a new account which was a big hurdle for adoption of B2B for many organizations.

Back to top

May 14, 2018

More and more organizations are using Azure AD B2B collaboration capabilities to connect with other organizations. This post from Alex Simons announces three important improvements to the B2B collaboration experience that not only improve the end-to-end experience of partner users accessing your resources, but also help support your organization's obligations under the GDPR.

Back to top

October 29, 2018

This article contains a list of all documents that are written surrounding the various application related features within Azure Active Directory. At a high-level, the list includes overview articles, troubleshooting articles, single sign on (SSO) articles, applications and Azure AD articles, as well as managing access to applications articles.

Back to top

September 11, 2017

Azure Active Directory B2B can enforce Multi-Factor Authentication (MFA) for B2B users. The policies that determine when the MFA is triggered are enforced at the resource organization. This article contains informative step by step sequence videos of both the administrator's role in enabling MFA for B2B collaboration users as well as the end user redemption experience.

Back to top

September 24, 2018

Watch the Ignite Session about the latest Azure Active Directory B2B collaboration features with exciting demos to delve deeper into them. This product connects organizations across all platforms and devices, as well as across on-premises and cloud deployments.

Back to top

October 3, 2018

No longer do you have to dread the word licensing as this article helps provide clarification and guidance surrounding your Azure Active Directory B2B licensing. At a high level, you need to determine the Azure AD capabilities your external B2B guest users will require as that will drive the number of Azure AD paid licenses you require. Advanced features such as Multi-Factor Authentication or conditional access require an Azure AD Premium license as the Azure AD Basic license does not support these functionalities. Currently, an Azure AD paid license allows for a ratio of 5:1; 5 B2B collaboration users per 1 paid Azure AD license. This article additionally paints some licensing examples to help you determine the required licenses for your users and differentiates a guest user from a normal user.

Back to top

June 29, 2017

In this webinar from Oxford Computer Group's Chris Lloyd, he looks at the B2B service and demonstrates an example of a self-registration portal. With API access now enabled, organizations can build self-service portals.

Back to top

December 13, 2017

This article defines what exactly dynamic groups are. With a single click an “All Users" dynamic group can be created from the Group Settings view. You can further secure this group by excluding guests through a rule. On the flip side, you can create dynamic groups that only contain guest users.

Back to top

September 13, 2018

An overview of Azure AD B2B, the key benefits, and how you can easily add B2B collaboration users to your organization.

Back to top

May 26, 2017

This article outlines what steps you need to take to get support for B2B if something is not working properly.

Back to top

February 11, 2019

This article touches on the key properties of an Azure AD B2B collaboration user. Learn how an Azure AD B2B user can be added as a member instead of a guest. Use a filter to see only guest users in the directory. Convert the UserType from member to guest and vice versa using PowerShell. And see how guest user limitations can be removed.

Back to top

December 13, 2018

Understanding your external partner audience and the user experience they expect can help you gauge whether leveraging Azure B2B collaboration is the right solution for your scenario. This article explains two cases of invitation redemption, the first is for existing Azure AD accounts or Microsoft accounts and the second is for a Social ID user first-time redemption (Gmail). There is a video to depict this process that follows this sequence:

  • Invite a user from SampleOrganization with their Gmail Address
  • Invitee receives Azure B2B collaboration email and clicks “Get Started"
  • Clicks next of the redemption page
  • Creates password for Microsoft account with original Gmail Address
  • Enters 4-digit verification code that was sent to their Gmail Address
  • Azure AD redeems their invitation and provides access to desired applications

Back to top

May 24, 2017

External sharing is technically the same in both Office 365 and Azure AD B2B. This article outlines the subtle differences between how OneDrive/SharePoint Online external sharing works and how Azure AD B2B collaboration works.

Back to top

May 7, 2018

With Microsoft's API, users from partner companies can sign themselves up to the inviting organization themselves. There is a set of policies in place that the inviting organization controls as well as rules that determine which apps they can access. The project is published on GitHub. The sample code should be customized by your dev team or a partner.

Back to top

May 22, 2017

Azure Active Directory B2B collaboration is compatible with many applications that integrate with Azure AD. This article contains step-by-step instructions for configuring two of the more popular SaaS apps with Azure AD B2B.

Back to top

December 13, 2018

Users can be assigned to the Guest Inviter role to send out invitations. The invitation policies are completely customizable for who can send invitations.

Back to top

December 18, 2018

Information workers can use the Application Access Panel to add B2B collaboration users to groups and applications that they administer.

Back to top

May 22, 2017

This article describes the current limitations of Azure AD B2B collaboration, which include:

  • Possible double multi-factor authentication
  • The fact that it is instant-on

Back to top

February 5, 2019

The invitation email will be the first interaction your partner has with your Office 365/SharePoint Online environment. Ensuring that email contains the desired elements to gain the trust of that external partner user is crucial to the success of Azure B2B based collaboration. This article will review the following elements:

  • Subject
  • From address
  • Reply to
  • Branding
  • Call to action
  • Body
  • Footer section

Back to top

December 13, 2018

The auditing capabilities of guest users is similar to that of member users. You can get the full details and export the logs to a reporting tool of your choice.

Back to top

April 10, 2017

Often the Out of Box experience does not quite fit your organizational external collaboration scenario and you'd like to enhance that experience for your external users. Microsoft's Azure Active Directory B2B collaboration API allows you to achieve this. The API contains several new capabilities and supports two authorization modes. Additionally, PowerShell can now be used to add and invite external users to your organization.

Back to top

Auguest 13, 2018

Using PowerShell, external users can be invited in bulk to an organization from email addresses stored in a .CSV file. The example is outlined step-by-step. And in a sample of code it is illustrated how to call the invitation API in app-only mode to get the redemption URL for the resource. The goal of this is to send a custom invitation email to the user.

Back to top

May 20, 2018

This article deals with appointing a Guest user as a partner representative at the partner organization. Once granted enumeration privileges in the partner directory, they will have the ability to add additional users from that partner organization without the need for invitations to be redeemed.

Back to top

April 5, 2018

Learn about the reasons why you might need to edit claims issued in the SAML token.

Back to top

January 1, 2019

Compare the capabilities of each offering of B2B and B2C and how they differ. Some of the things compared include:

  • Who it is intended for
  • Identities supported
  • Lifecycle
  • Security policy and compliance
  • Branding
  • And many others

Back to top

May 7, 2018

By default, guest users' permissions are restricted in the directory. Depending on your organization's needs, guest users can be added to the global administrator role as well as the limited administrator role.

Back to top

February 5, 2019

Global Admins and limited admins can use the Azure portal to invite B2B collaboration users to the directory, to any group, or to any application.

Back to top

Multiple Dates

Submit your ideas to Microsoft for new Azure Active Directory B2B features. The feedback is monitored and reviewed by the Microsoft engineering teams responsible for the product.

Back to top

May 21, 2018

Learn about some of the key features of collaborating through SharePoint Online. When you make the switch to Office 365 for B2B extranet sites there are time-to-value and cost savings, sharing is much more secure, the collaboration is seamless, and you have full control over governance and audit reporting. See the new Office 365 Hybrid Extranet compared to the traditional SharePoint On-Premises Extranet and learn why you should make the switch to Office 365.

Back to top


{~PageContent2~}