Unable to assign workforce tenant group to external tenant enterprise application

Waylon Smith 0 Reputation points
2024-11-16T01:25:58.3333333+00:00

I am the global admin for a workforce tenant (tenant A) and an external tenant (tenant B). I want to be able to assign a group of users from tenant A to an enterprise application within tenant B. I've gone through the steps of setting up the inbound and outbound B2B collaboration settings - via external ID in Entra - and even explicitly adding the group in the workforce tenant; but I still cannot select the workforce tenant group when trying to assign a group to the enterprise application in tenant B. Is this even possible? I don't know what I might be doing wrong at this point.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,451 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Thameur-BOURBITA 33,976 Reputation points
    2024-11-17T20:09:33.1733333+00:00

    Hi @Waylon Smith

    To assign a user from tenant A to entreprise application you should use a admin account with

    One of the following roles in tenant B : Cloud Application Administrator, Application Administrator, or owner of the service principal.

    I think the account in tenant A you used haven't any role mentioned above.

    For more information please refer to the following link : Prerequisites


    Please don't forget to accept helpful answer



Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.