b2b direct federation between two azure ad tenant

stavros mitchell 51 Reputation points
2020-05-01T12:22:24.537+00:00

Hello I am just curious i have a few questions from a customer
is there a way to do b2b direct federation between two azure ad tenant.
can you do a b2b direct federation between azure ad and and an on premise AD

thanks

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,633 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. AmanpreetSingh-MSFT 56,301 Reputation points
    2020-05-02T09:17:44.487+00:00

    @stavros mitchell , Please find answer to your questions below:

    1. B2B direct federation between two azure ad tenant: This cannot be done as the requirement for B2B direct federation is, the domain should not be added as a verified domain under any tenant within Azure.
    2. B2B direct federation between azure ad and and an on premise AD: This can be done with the help of ADFS server, provided the domain is not verified in any Azure tenant. Refer to https://learn.microsoft.com/en-us/azure/active-directory/b2b/direct-federation-adfs for more details.

    If the domain you are trying to add using B2B direct federation is added as verified domain under any Azure Tenant, you will encounter error your_domain.com cannot be used for direct federation as it is a verified domain on an Azure AD tenant.

    -----------------------------------------------------------------------------------------------------------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.