Solutions for External Access (part 1 of 3)
To read part 2, please click here
To read part 3, please click here
Azure AD B2B Guest User Access Explained
Azure AD Business-to-Business (B2B) collaboration helps you to safely share your company's applications and services with the guest users from any other organization while also maintaining control over your own corporate data. Your company's resources can be easily accessed by a simple invitation and redemption process so that the partners can use their own credentials for the same. Azure AD B2B APIs can be used to customize the invitation process or write applications such as self-service sign-up portals.
Collaborate with any partner using their identities
The partners can use their own identity management solution with the help of Azure B2B so that there is no external administrative overhead for your organization. Other attributes are:
- The partners uses their own identities and credentials, hence Azure AD is not needed.
- You don't have to manage external accounts or password.
- You don't have to sync accounts or manage account lifecycles.
Invite guest users with simple invitation & redemption process
Guest users can sign in to your apps and services with their own work, school, or social identities but if they don't have a Microsoft account or an Azure AD account, then, one can be created after the redemption of their invitation. Other attributes are:
- Invite guest users with the help of email identity of their choice.
- Send a direct link to an app, or send an invitation to the guest user's own Access Panel.
- Guest users follow a few simple redemption steps to sign in.
Use policies to securely share your apps & services
Authorization policies can be used to protect your corporate content and Conditional Access policies like multi-factor authentication can be enforced:
- At the tenant level.
- At application level.
- For specific guest users to protect corporate apps and data.
Easily add guest users in the Azure AD portal
You can easily add guest users to your organization as an administrator in the Azure portal.
- Create a new guest user in Azure AD, similar to how you'd add a new user.
- The guest user immediately receives a customizable invitation that lets them sign in to their Access Panel.
- Guest users in the directory can be assigned to apps or groups.
Comments
Post a Comment