You can "craft" your own invitation links and add the corresponding redirect uri, as detailed here: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/customize-invitation-api
How are they signing/accessing the workspace? Generally speaking, they should be using the invitation link or properly crafted "smart link".
Need help creating accounts for guest users on Azure

Hello,
I need to add a bunch of users to our corporate account on Azure. They are not our company employees, so their emails don't end with our corporate domain. What we want them to do is give them access to create resources such as Text Analytics, Computer Vision.
I have created an AAD app where I invite them to join. Then, I created a resource group and created role assignments for a group of members through Access control (IAM).
However, when a user accepts the invitation to join, they are redirected here: myapplications.microsoft.com
Instead, I want users to be redirected to Azure directly. Is that possible?
Also, when a user goes to portal.azure.com, they are able to sign in to our workspace but to use any resource, they have to create a profile. Is there no way around that - can I, as an admin, create profiles for them to skip all these steps they have to take?
Thank you.
3 answers
Sort by: Most helpful
-
Vasil Michev 113.8K Reputation points MVP
2021-11-12T09:02:30.013+00:00 -
AmanpreetSingh-MSFT 56,761 Reputation points
2021-11-12T09:24:20.947+00:00 Hi @Ava Dobreva • Thank you for reaching out.
When you invite guest users via Azure Portal, the invitation redemption URL by default is configured to redirect the users to the My Apps portal and canNOT be changed/configured.
However, to add guest users in your tenant, you can use graph call, which allows you to specify the inviteRedirectUrl where users should get redirected after they redeem the invite.
To test it out, please follow the below steps:
- Sign in to Graph Explorer as Global Admin or use an account that has permissions to invite users.
- Use the below Graph call:
Call :
POST https://graph.microsoft.com/beta/invitations
Body:
{ "invitedUserEmailAddress": "test_user@example.com", "inviteRedirectUrl": "https://portal.azure.com" }
- From the response, copy the value of inviteRedeemUrl and sign in as test_user@ssss .com.
- After successfully redeeming the invite, notice that the user gets redirected to Azure Portal and not My Apps portal.
Note :
Under modify permissions section, you need to consent for the below permissions:
User.Invite.All, User.ReadWrite.All, Directory.ReadWrite.All
I am not sure about the workspace profile setup, but AFAIK, if any app/resource cannot automatically fetch the user profile information from Azure AD, it has to be done by the end-users only.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
-
Ava Dobreva 46 Reputation points
2021-11-15T00:42:54.053+00:00 Thank you very much for the answers, and especially @AmanpreetSingh-MSFT for the detailed answer.
However, for anyone who finds this question and can't set up the Graph integration by themselves, there is a very easy way to personalize the invitation and the redirect URL: the bulk invite option.
Download the CSV file and just edit everything in there, and then upload. Works seamlessly.