I was doing some testing with the integration of Azure Active Directory with Salesforce to…
Earlier this year Microsoft released Azure AD business-to-business Collaboration world wide in general availability. With Azure AD B2B collaboration companies are able to work together with users of partner companies, without providing those users an user account in there own Azure AD. The user accounts of the partner company may exist in Azure AD, but actually any type of email address is supported. Let`s have a look at how this works for both the admin and the user from the partner company. In my example I use the with Azure AD integrated application Salesforce.
How does it work for the Azure AD Admin
I have already setup the integration between Azure AD and Salesforce, which provides my users an SSO experience when the access Salesforce from the Office Myapps portal. I have also enabled automatic user provisioning, so for users I provide access to Salesforce automatically an user account in Salesforce is created with the right user role.
The user invited now can be found in your Azure AD. Because it is in your Azure AD, you are able to manage the user account. You can off-course delete the account when access to your Azure AD isn`t wanted anymore. You can add it to groups, to provide access to an Enterprise Application or force a Conditional Access policy to require Multi-factor Authentication when accessing an Enterprise Application.
You can also have a look at the sign-ins, like you can for your own users accounts.
This is all from the Admin perspective.
How does it look like for the user
Depending on the type of account you received the invitation on, you are able to sign-n with your Office 365 or Microsoft account or to create a Microsoft account using your existing email address.
In my example I used Gmail, so I`m asked to create an account. The email address is already filled in and you need provide an password of choice.
Azure B2B licensing
What kind of licenses you need to purchase for using Azure AD B2B depends on what kind of access you provide to your partner users.
Have a look at this Azure AD B2B licensing guide for all the information.