Forum Discussion

tadhgclifford's avatar
tadhgclifford
Copper Contributor
Oct 14, 2025

Azure Virtual Desktop External Identities

Hi. I was delighted to find out that External Identities are now supported in Azure Virtual Desktop (preview).

https://learn.microsoft.com/en-us/azure/virtual-desktop/authentication#external-identity-preview 

I have attempted to set this up and test it as per the requirements and known limitations above. However, when I sign into the Windows app with my guest account, I do not have any AVD resources available.

Are there any detailed setup instructions or is there anything not obvious that I might be missing?

Thank you!

 

2 Replies

  • hi tadhgclifford​ Since the feature is still in public preview, the setup can be a bit tricky because some configurations aren’t yet fully automated. A few things to double-check:

    App Assignment:

    Make sure the external user (B2B guest) has been explicitly assigned to the AVD application group — this doesn’t happen automatically even if the user has directory access.

    Group Membership Propagation:

    If you’re using Entra groups for app assignment, verify that the guest user appears in the group as a member (not pending). In some cases, it can take a few minutes to sync through Entra ID before AVD recognizes the user.

    RBAC Permissions:

    Confirm that the external user has at least the Desktop Virtualization User role on the AVD application group resource scope.

    Supported Client:

    External identities currently work only in the latest version of the Windows Desktop client (and sometimes not yet in the web client).

    If you’ve confirmed all of the above and still don’t see resources, it may help to collect logs via the AVD client diagnostics tool and raise a ticket through Azure Support — they can verify if your tenant has full External Identity preview enablement.

    • tadhgclifford's avatar
      tadhgclifford
      Copper Contributor

      Hi Surya. Many thanks for your reply and the detail you provided.

      I have narrowed the issue down to the fact that, when in the Windows App, I can't switch organisations in my guest account, i.e. my guest account is not showing the AVD resources available because it is pointing at the home organisation.

      I have tested successfully when connected via a web browser, as I am able to connect to the relevant directory/organisation. 

       

      In web browser:

       

      In Windows App:

       

Resources