Azure AD for B2B SaaS app

mlcubed 41 Reputation points
2022-12-23T16:53:30.763+00:00

Hello, I have trouble understanding the capabilities of Azure AD: I am developing a B2B SaaS application and would like to use an identity-as-a-service provider. Inside my app there are organizations and users, and organization admins should be able to manage users inside the organization. I would also like to support self-sign-up (a user can sign up and create an organization and subsequently manage this organization). Does Azure AD multi-tenant support this? I want to avoid implementing user management functionalities from scratch. Thank you

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,760 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Shweta Mathur 11,166 Reputation points Microsoft Employee
    2022-12-27T06:28:24.017+00:00

    Hi @mlcubed ,

    Thanks for reaching out.

    Yes, Azure Active Directory (Azure AD) is a multi-tenant identity-as-a-service provider that supports the scenarios you described. It allows you to manage users and organizations within your B2B SaaS application and provides support for self-service sign-up which will help you to avoid the need to build these capabilities from scratch.

    With Azure AD, you can allow users to sign up for your application using their corporate email address and create an organization within your application. These users can then be designated as organization admins and given the ability to manage other users within their organization.

    Azure Active Directory (Azure AD) B2B collaboration is a feature within External Identities that lets you invite guest users to collaborate with your organization. With B2B collaboration, you can securely share your company's applications and services with external users, while maintaining control over your own corporate data.

    With Azure AD, you can use the Azure AD Graph API to programmatically manage users and organizations within your application. For example, you can use the API to create new organizations, add or remove users from organizations, and assign different roles to users.

    Reference: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/configure-saas-apps
    https://learn.microsoft.com/en-us/azure/active-directory/external-identities/add-users-administrator
    https://learn.microsoft.com/en-us/azure/active-directory/external-identities/external-collaboration-settings-configure

    Hope this will help.
    Thanks,
    Shweta

    ------------------

    Please remember to "Accept Answer" if answer helped you.

    No comments