Azure AD B2B Walkthrough

  • Article

Last year we announced the availability of the public preview for Azure AD B2B and B2C. The need for B2B is increasing due to the trend in highly distributed organizations of email consolidation (Office 365 single-tenant) but segregation of Azure infrastructure and subscriptions (multi-tenant). As a result there is a need to centralize authentication while delegating administration.

This walkthrough provides an example of inviting external users into Azure AD as guest users and granting access to resources in a different Azure AD Tenant. While it is beyond the scope of this post, Application or Group GUIDs can also be included in the CSV file to provide initial authorization or automated license provisioning for the users.

 

Log into https://manage.windowsazure.com as an administrator. Select Active Directory and then the directory that you want to invite external users to. 

clip_image001

 

Navigate to the “USERS” tab and then select “ADD USER”.

clip_image002

clip_image003

 

Create a CSV file with the external users. (https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2b-references-csv-file-format)

clip_image004

 

Select “User in partner companies” from the dropdown and then save and close the CSV and select for upload.

clip_image005

 

The batch job details will show the current status for the users.

clip_image006

clip_image007

 

If the invite email doesn’t match an Azure AD User’s User Principal Name then the Microsoft Account (Microsoft ID) setup flow will begin when they click the invite link, otherwise if it does match the user will be prompted to sign in with their School or Work credentials. Let’s take a look at the flow for the end user when they already have School or Work credentials (Org ID).

clip_image008

clip_image009

clip_image010

After authentication, the user will then see multiple directories listed in https://portal.azure.com.

clip_image011

The administrator of the resource directory will then see the external user listed as sourced from “Microsoft Azure AD (other directory)”.

clip_image012

 

 

We will be adding new B2B features and options in the coming months. You can read the most up to date details about B2B functionality directly in the Azure documentation. https://aka.ms/AzureB2BOverview