Is it possible to create Azure AD trust with other Azure AD tenant for Azure B2B setup

Tech Santosh 101 Reputation points
2020-11-10T12:30:50.047+00:00

Hi,
Is it possible to create Azure AD trust with other Azure AD tenant for Azure B2B setup?
We have an on-premise application that needs to be accessed by internal users & external users (guest accounts) in Azure tenant A. So is it possible to have only a trust between them as B2B collaboration?

What we want to achieve is that Azure tenant B should

i) Access the application & onboard additional users (contractors) as guest users in Azure tenant B.

ii) Azure tenant B users to manage the access (via groups that exist in Azure tenant A) for their guest users.

Note: We want to avoid federation

Or please suggest any other option.

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID

Accepted answer
    AmanpreetSingh-MSFT 56,871 Reputation points Moderator
    2020-11-10T13:34:04.813+00:00

    Hi @Tech Santosh · Welcome to Q&A platform and thanks for your query.

    The above requirements can be achieved by using B2B User Flow.

    i) Access the application & onboard additional users (contractors) as guest users in Azure tenant B.

    For this purpose, you need to navigate to:

    Azure Active Directory > External Identities > User flows > +New user flow

    While creating new user flow, Azure AD Sign up is selected by default as highlighted below. This will allow users in other Azure AD tenant to perform self service sign up and a guest user account will be added in your tenant.

    [image: 38690-image.png]

    ii) Azure tenant B users to manage the access (via groups that exist in Azure tenant A) for their guest users.

    If I understood it correctly, you want to add the guest users to specific groups in Tenant A for access management. You can leverage step 3 of the user flow for this purpose, where you can require the user to specify a value for a custom attribute, e.g. UserRole, during self-service sign-up. You can then create a dynamic group with a query that adds users with UserRole=Contractor to ContractorGroup, for instance.

    To see the experience, you can try accessing my test application https://crafts.cloud365.in and on the sign in page click on create account link highlighted below:
    [image: 38823-image.png]

    For step by step instructions on User flows, please refer to https://learn.microsoft.com/en-us/azure/active-directory/external-identities/self-service-sign-up-user-flow

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

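The procedure the accepted answer walks through in the portal (a custom user attribute, a self-service sign-up user flow that asks for it, and a dynamic group in Tenant A keyed on its value), as an added example that is not part of the original thread: the same objects expressed as Microsoft Graph REST calls, so the setup can be scripted and reviewed. The application ID, attribute name, flow name, group name and the "Employee" choice are placeholders; in a real tenant the app ID is the application (client) ID of the directory's "b2c-extensions-app", where custom user-flow attributes live. The token is assumed to have been obtained separately with IdentityUserFlow.ReadWrite.All and Group.ReadWrite.All.

```python
"""Added example (not from the original Q&A): provision the objects the
accepted answer creates in the portal through Microsoft Graph instead.

Placeholders (not from the thread): the app ID passed to plan() stands in
for the application (client) ID of the tenant's "b2c-extensions-app";
attribute, flow and group names are invented.
"""
import json
import urllib.request

GRAPH = "https://graph.microsoft.com/beta"


def extension_attribute_id(app_id: str, name: str) -> str:
    """Custom attributes are addressed as extension_<appId without dashes>_<name>,
    both as the Graph userFlowAttribute id and inside dynamic membership rules."""
    return f"extension_{app_id.replace('-', '')}_{name}"


def user_flow_attribute_payload(name: str, description: str) -> dict:
    """Body for POST /identity/userFlowAttributes (a string-typed custom attribute)."""
    return {"displayName": name, "description": description, "dataType": "string"}


def user_flow_payload(flow_id: str) -> dict:
    """Body for POST /identity/b2xUserFlows. Graph stores the id prefixed with
    "B2X_1_"; later calls must address the flow by that prefixed id."""
    return {"id": flow_id, "userFlowType": "signUpOrSignIn", "userFlowTypeVersion": 1}


def attribute_assignment_payload(attr_id: str, label: str, choices: list) -> dict:
    """Body for POST /identity/b2xUserFlows/{id}/userAttributeAssignments.
    A single-select dropdown limits the self-asserted value to known choices,
    so free text cannot be used to satisfy the membership rule below."""
    return {
        "isOptional": False,
        "displayName": label,
        "userInputType": "dropdownSingleSelect",
        "userAttributeValues": [{"name": c, "value": c, "isDefault": False} for c in choices],
        "userAttribute": {"id": attr_id},
    }


def membership_rule(attr_id: str, value: str) -> str:
    """Dynamic-group rule: external (Guest) users whose sign-up attribute equals
    `value`. A double quote in `value` would change the rule's meaning, so refuse it."""
    if '"' in value:
        raise ValueError("rule value must not contain double quotes")
    return f'(user.userType -eq "Guest") and (user.{attr_id} -eq "{value}")'


def dynamic_group_payload(display_name: str, rule: str) -> dict:
    """Body for POST /groups: a security group with dynamic membership turned on."""
    return {
        "displayName": display_name,
        "mailEnabled": False,
        "mailNickname": display_name.replace(" ", "").lower(),
        "securityEnabled": True,
        "groupTypes": ["DynamicMembership"],
        "membershipRule": rule,
        "membershipRuleProcessingState": "On",
    }


def plan(app_id: str, attr_name: str = "UserRole", role: str = "Contractor",
         flow_id: str = "ContractorSignUp", group_name: str = "ContractorGroup") -> list:
    """Return the ordered (method, url, body) calls without sending anything."""
    attr_id = extension_attribute_id(app_id, attr_name)
    return [
        ("POST", f"{GRAPH}/identity/userFlowAttributes",
         user_flow_attribute_payload(attr_name, "Role chosen at self-service sign-up")),
        ("POST", f"{GRAPH}/identity/b2xUserFlows", user_flow_payload(flow_id)),
        ("POST", f"{GRAPH}/identity/b2xUserFlows/B2X_1_{flow_id}/userAttributeAssignments",
         attribute_assignment_payload(attr_id, "Your role", [role, "Employee"])),
        ("POST", f"{GRAPH}/groups",
         dynamic_group_payload(group_name, membership_rule(attr_id, role))),
    ]


def send(token: str, method: str, url: str, body: dict) -> dict:
    """Execute one planned call with a bearer token obtained elsewhere."""
    req = urllib.request.Request(
        url, data=json.dumps(body).encode(), method=method,
        headers={"Authorization": f"Bearer {token}", "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Dry run: show the requests that would be sent for a placeholder app ID.
    for method, url, body in plan("00000000-0000-0000-0000-000000000000"):
        print(method, url)
        print(json.dumps(body, indent=2))
```

Two details are deliberate. The rule also requires `user.userType -eq "Guest"`, so a member of Tenant A who happens to carry the attribute is not swept into the contractor group. And the sign-up form uses a dropdown rather than a text box because the value is self-asserted by whoever registers; ContractorGroup should therefore grant only what any self-registered contractor is meant to have, and an approval step or later review is still needed if Tenant B administrators are to vouch for individual guests.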
