Thank you for posting your query on Q&A, PFB response to your queries.
- We are planning to create a new Active Directory, which is separate from the existing AD. This new AD will be used only for SSO (to both HubSpot and our Application deployed in other Azure subscription). What will be the cost for this AD? Shall we do this SSO in free-tier itself, or do we need purchase Premium tiers (P1 or P2)?
To enable SSO between HubSpot and Azure AD, you need add HubSpot from the gallery to your list of managed SaaS apps with in same AD with which you want to enable SSO as it is not a multitenant application.
With the free edition of Azure AD end users who have been assigned access to software as a service (SaaS) apps can get single sign-on access to unlimited number of cloud apps. On-premises apps require Azure AD Application Proxy or secure hybrid partnerships integrations available with Azure AD Premium P1 and Premium P2.
- We are going to add only the guest users in the new AD. Is it possible to achieve the requirement (SSO for HubSpot and Application) with only guest users? What will be the cost in adding guest users to the account? Any user account added to application will be able to access the application as they would be registered with Azure AD. There won't be any additional cost associated.
Thanks,
Akshay Kaushik
Please "Accept the answer" (Yes/No), and share your feedback if the suggestion works as per your business need. This will help us and others in the community as well.