Create B2B accounts
Azure AD B2B collaboration lets you securely share your company’s applications and services with guest users from any other organization, while maintaining control over your own corporate data.
Administrators can create B2B guest accounts in Azure AD and can send in invitation link for guest users to accept privacy statement.
Non-Administrator users also can B2B accounts by sending an invitation to external user and add them in a Group or share an application to guest users. To make it work, Global Administrator has to enabled self-service management for a group and assign the user as owner of the group and the group added in the application.
Conditional Access can be used to control the organization data.
To create a B2B account
Azure Portal -> Azure AD -> Users -> New Guest User -> email address and the personal message and click on Send Invite.
Guest can accept the invitation and the external user account added as Guest User in Azure AD Tenant.
Create guest accounts
Guest account creation is same as B2B account creation.
Design solutions for external access
We can plan the external access restriction with the below settings.
Navigate to Azure Portal -> Azure AD -> User Settings -> Manage External Collaboration Settings
Guest Users Permissions are Limited
Admins and Users in the guest inviter role can invite
Members can Invite
Guest can Invite
In addition to the above external access settings, we can configure the below collaboration restrictions