Many of you probably already use Azure Active Directory (Azure AD) B2B collaboration to work closely with your external partners. Since we launched Azure AD B2B capabilities a year ago, more than 800,000 organizations have used Azure AD B2B to collaborate with their partners, adding 8 million guest user accounts. Pretty amazing, right?!
One of the most frequent pieces of feedback we’ve received is that you need B2B collaboration to work for all your apps, even if you have a hybrid configuration where you have apps on-premises and apps in the cloud. For example, you might already use B2B collaboration to invite your partners to access apps in Azure or Office 365, using their external credentials. But you have high-value on-premises apps that your organization is not ready to move to the cloud just yet.
Today, I’m excited to let you know that we’re releasing a public preview that lets you give Azure AD B2B users access to on-premises apps, without needing to manually create on-prem accounts for them!
These on-premises apps can use SAML-based authentication or Integrated Windows Authentication (IWA) with Kerberos constrained delegation (KCD). This means employees in companies you partner with can use the same work accounts and credentials they use every day, and they can now easily and securely access all the cloud and on-premises apps you make available to them. And to top it off, you can use conditional access policies and lifecycle management policies in Azure AD to protect your resources just like you can for employees.
To get started, I’d recommend taking a look at the docs. It’s not hard to enable your employees and partners to collaborate seamlessly even in a hybrid configuration!
And as always, connect with us for any feedback, discussions, and suggestions. You know we’re listening!
Alex Simons (Twitter: @Alex_A_Simons)
Director of Program Management
Microsoft Identity Division