How to Give guest users access in Azure Active Directory B2B

The external and internal developer teams want to work together, so you decide to create guest user access for the external developer team.

You'll use the Azure portal to invite business-to-business (B2B) collaboration users. You can invite guest users to an Azure Active Directory (Azure AD) organization, group, or application. After you invite a user, their account is added to Azure AD, with a guest user type.

After you add a guest user to the organization, send them a direct link to a shared app. Have the guest user open the redemption URL in the invitation email.

Add guest users to the organization

1. Sign in to the Azure portal.

2. Select Azure Active Directory > Users > New guest user.

    

   

3. Invite users should be selected.

4. Enter a name and an email address that you have access to.

5. Select Invite. An invitation is sent to the email address you provided for the guest user.

6. Notice that the user now appears in the list of users and has Guest as the user type.

You've now added a guest user to the organization.

Add guest users to a group

1. In your Azure AD organization, select Groups and then select the Developer group in the list of groups.
2. Select Members > Add members.
3. Search for the guest account you added to the organization.
4. Select the account, and click Select.
5. You now see the user in the list of members for this group.

You've now added a guest user to a group.

Add guest users to an application

1. In your Azure AD organization, select Enterprise applications > All applications.

2. Select New application.

   

3. Under Add from the gallery, enter Twitter and add it.

4. Select Users and groups > Add user.

   

5. In Add Assignment, select Users.

6. Select the guest user you added in the previous exercise, and click Select.

7. Select Assign. You now see the user in the list for this application.

8. To check that the correct access level is set, select the user in the list.

   
   
   

9. Select Edit.

10. Click Select Role > Default Access and Assign to make sure they have the correct access.

11. When the invitation arrives, the user accepts it and can then access the application.

    

You've now added a guest user to an application.

Resend invitations to guest users

If the guest user didn't receive the first email invitation, you can resend an invitation email.

1. In your Azure AD organization, select Users.

2. Select the user.

3. Select the Resend invitation.

   

You've now resent an invitation to a guest user.