External Identity in Azure AD

Manuji 40 Reputation points
2023-03-08T18:57:07.8166667+00:00

Hello Team,

We have synced our on-prem AD with Azure AD and have an Azure AD Premium license for this hybrid deployment.

We are hosting our application in our Azure tenant. We want to give access to this app to external users. Is it possible that we can have these external users in our on-prem AD and sync this with our own Azure AD by creating an OU, or create a child domain under our own prod domain and sync them to our existing Azure AD, to enforce self-service password reset and MFA for these external users?

Also, what happens if we are hosting applications on-prem and want to give access to external users who are not part of our domain? We would like to manage these users from Azure AD.

Can these external users bring any login (work, school, Gmail, MS account, etc.) and all be managed from our own Azure AD tenant?

Microsoft Security | Microsoft Entra | Microsoft Entra External ID

1 answer

  1. JimmySalian-2011 42,511 Reputation points
    2023-03-08T21:33:39.48+00:00

    Hi,

    I would suggest that you review the Azure B2C solution for providing access to the application; this applies to external users.

    https://learn.microsoft.com/en-us/azure/active-directory/external-identities/external-identities-overview

    Also, for your on-premises app, if you have ADFS you can extend it to Azure, and this way you can allow access to the external users via Azure B2C - https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/identity/adfs

    Hope this helps.

    JS

    ==

    Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.
