How to make 2 AD tenants authenticate between each other?

Question

I am a service provider which develops PBI reports to multiple clients.
I manage the PBI account and tenants for my clients. For each client I create a new tenant which I manage for them. In this tenants I keep all the PBI fils (PBIX), reports and datasets.
If my client already has a 365 account (for his email, teams etc) I create a new tenant in addition to the one he uses.

For example: the client private tenant is @ABCcompany.com. in this tenant, the client has his email account, teams, Office 365 etc.
I create a tenant @BIABCcompany. This tenant stores the PBI account.

In the current situation, shen the client wants to use the BI reports , he need to log out of his private 365 tenant (@ABCcompany.com) and log in to (BIABCcompany.com).

My final goals are:

• I want to remove this sign in and sign out step, but I don’t want to store the PBI files (PBIX) files on the client tenants.
• I want that my client will be able to consume the PBI reports on Microsoft teams while he signing to his tenants (@ABCcompany.com)

As I imagine this, I need to make both tenants to talk to teach other and be able to aunticate between one to each other?
I this possible?

What I need to do? I read about guests accounts, share domain and many other Azure AD feature but I don;t sure which one of them I should use.

Thank you, Tal

Answer 1

Hello @Tal Cohen , in order to access resources from the PBI tenant you need to add users from the Office tenant as guests. Invitations are sent to emails by default buy you can customize or automate/bulk users invitations using MS Graph New-MgInvitation cmdlet.

Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it and complete the quality survey so that others in the community with similar questions can more easily find a rated solution.