Forum Discussion

Ranjita's avatar
Ranjita
Copper Contributor
Feb 05, 2021

Manage federated accounts in Azure AD

Hi,

 

I am a newbie in Azure AD, please help me out.

I would like to understand that if I set up a federated account of a 3rd party with my Org Azure AD, how much that account has control over my environment - in applications, policies, etc.? Is there any Microsoft recommended best practice to manage or control these federated accounts in Azure AD? 

 

Thanks in advance!

  • rene_weber's avatar
    rene_weber
    Brass Contributor

    Ranjita For best practices or recommendations you should take a look at the Azure Security Center.

    Settings on tenant level can be set in Azure Active Directory > External Identities >External Collaboration Settings. You should deactivate „Guest can invite“ there.

     

    Under Azure Active Directory > User Settings restrict the access to the Azure AD Administration Portal.


    It would make administration easier to create a security group which inhibits all guest users, so you can assign apps on a higher level.

    • Judith785's avatar
      Judith785
      Copper Contributor
      Hi
      I recently discovered I have an azure account which I did not create. I see a federated organization was created using my private email. Anyone know who I can contact for help to see who created this organization?
      I have been on the phone with support from Microsoft but they do not take me seriously. Any higher poets to help me?
      Thanks
      Judith

Resources