Today organizations collaborate outside of their traditional boundaries as the new relationships become even more digital. As the Identity is the new perimeter, you need to manage not only your internal identities, but also your partner's and consumer's identities, also known as external identities.
There is a high demand for a customizable, seamless, and secure identity life-cycle experience for partners and customers outside the organization.
There are different scenarios for external identities:
- In the Business to Business scenario (B2B) you can share an app or resource with an external user by inviting them to be a guest within your tenant. The external user could then use their own credentials to access the resource you have assigned permissions to.
- In the Business to Consumer scenario (B2C) you can use Azure Active Directory as the identity system for you customer facing app, allowing your customer to access it by bringing their own identity.
With external identities in Azure Active Directory you achieve this. Instead of using different identity systems that do not communicate with each other, leading to more complexity, you can use Azure Active Directory for both your internal and external users. It gives you the possibility to use one portal for identity and access management for your user directories.
With external identities in Azure Active Directory you can:
- Offer your customers and partners to bring their own Identity for a seamless authentication. You can simplify the sign up and sign in experience for your external user making it possible for them to use for example their phone number or even a third-party identity provider such as Google or Facebook. You can also customize the login experience to the apps you want to publish for you customers with your company branding.
- Utilize apps like Office 365, SaaS apps or LOB apps to collaborate with your partners and review their access over time. You can also use conditional access policies for your partners guest accounts in your tenant and for example enforce multi-factor authentication. For simplicity you can delegate the management of guest users to the owner of the application or even a group.
- Use the same governance and security for both your internal as well as external users and take advantage of Azure Active Directory Identity Protection for any user type.
Want to know more?
Sign up for our webinar on November 26 : Identity B2B/B2C Webinar