introduction
azure Active Directory (Azure AD) business-to-business (B2B) collaboration is a feature within External Identities that lets you invite guest users to collaborate with your organization
With B2B collaboration, you can securely share your company’s applications and services with guest users from any other organization, while maintaining control over your own corporate data.
Work safely and securely with external partners even if they don’t have Azure AD or an IT department.
A simple invitation and redemption process lets partners use their own credentials to access your company’s resources
For licensing and pricing information related to guest users, refer to Azure Active Directory pricing.
Azure AD B2B vs external sharing in SharePoint Online
- OneDrive/SharePoint Online adds users to the directory after users have redeemed their invitations à However, when you use Azure AD B2B collaboration, users are added immediately on invitation so that they show up everywhere.
- The redemption experience in OneDrive/SharePoint Online looks different from the experience in Azure AD B2B collaboration. After a user redeems an invitation, the experiences look alike.
- Azure AD B2B collaboration invited users can be picked from OneDrive/SharePoint Online sharing dialog boxes. OneDrive/SharePoint Online invited users also show up in Azure AD after they redeem their invitations.
- The licensing requirements differ. For each paid Azure AD license, you can let up to 5 guest users access your paid Azure AD features
Manage groups guest access
If you want to enable or disable guest access in groups, you can do so in the Microsoft 365 admin center.
- In the admin center, go to Show all> Settings > Org settings and on the Services tab, select Microsoft 365 groups.
- On the Microsoft 365 Groupspage, choose whether you want to let people outside your organization access group resources or let group owners add people outside your organization to groups.
Who can invite external Guest users
- By default, all users, including guests, can invite guest users
- To configure external collaboration settings:
- Sign in to the Azure portal as a tenant administrator.
- Select Azure Active Directory.
- Select External Identities> External collaboration settings.
- Under Guest user access restrictions (Preview), choose the level of access you want guest users to have:
- Guest users have the same access as members (most inclusive): This option gives guests the same access to Azure AD resources and directory data as member users.
- Guest users have limited access to properties and memberships of directory objects: (Default) This setting blocks guests from certain directory tasks, like enumerating users, groups, or other directory resources. Guests can see membership of all non-hidden groups.
- Guest user access is restricted to properties and memberships of their own directory objects (most restrictive): With this setting, guests can access only their own profiles. Guests are not allowed to see other users’ profiles, groups, or group memberships.
invite external user to join Ms365 tenant
Now ,,
let us move to practical part
we have user called maher islaieh with email Maher.islaieh@gmail.com
we would like to invite that to join our organization Pionners101.onmicrosoft.com
- open azure port https://portal.azure.com
- select azur eactive directory
- select users
- select invite Guest Users
verify add Guest to MS365 pioneers101
to verify : check account in users lists
Conclusion
Azure Active Directory (Azure AD) business-to-business (B2B) collaboration is a feature within External Identities that lets you invite guest users to collaborate with your organization.
With B2B collaboration, you can securely share your company’s applications and services with guest users from any other organization, while maintaining control over your own corporate data. and Work safely and securely with external partners,
