Share via

Azure b2B

Mohamed jihad bayali 1,141 Reputation points
2022-10-01T10:59:36.127+00:00

Hello Team,

I'm new to Azure, and i have a question/scenario about Azure B2B,

Let's assume i have an Azure tenant, and i want some external user (From an external Azure tenant) to access my ressources,

I will configure Azure B2B for that matter, my question is as follow

When i will invite an external user to my tenant via Azure B2B, once he will get the email notification, he will be able to sign in with his own credentials to my tenant, or he will be redirected to a portal when he will register, and then his new account will be created on my tenant?

And how can i identify B2B users (Invited users) on my Azure AD tenant ?

Thank you

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
0 comments
Answer accepted by question author
  1. Graham Moor 81 Reputation points
    2022-10-01T19:59:59.987+00:00

    When you invite a user to your tenant using an externally provided account, they become a guest account in your tenant, they will connect into the portal and likely go to their home tenant. They will need to change directory to do to your tenant. He won't need to use any other credentials, but access in your tenant will be limited to which resources you have granted the guest account access to.

    To identify b2b users, generally, you will go to AAD and filter in member type = Guest (unless you have converted accounts to member), in which case you can search on those which have an 'invitation accepted' status of yes.

    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sreeju Nair 12,756 Reputation points
    2022-10-01T12:11:39.65+00:00
    0 comments
  2. Sandeep G-MSFT 21,121 Reputation points Microsoft Employee Moderator
    2022-10-12T03:29:11.99+00:00

    @Mohamed jihad bayali

    When you invite a guest user to your tenant, authentication for that user always happens in home tenant.
    For example: User from tenant A is invited to Tenant B. There is an invitation sent to user from tenant A. Once user accepts the invitation, they will be provisioned in Tenant B as a guest user.
    Whenever user from tenant A tries to access resources from tenant B, authentication for user always happens in tenant A.

    Post authentication user will be redirected to the resource in tenant B.

    To identify guest users in tenant B, you can look at the user blade in Azure AD tenant B and the "user type" of guest users will be shown as "Guest".

    249557-image.png

    Let me know if you have any further questions on this.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.