Forum Discussion
Enabling Federated Authentication to SharePoint Online Between Affiliated Companies
I think Identity Governance in Azure AD could help you in this B2B situation
From Company A you can "federate" Company B&C through the Connected Organizations tab
(this requires someone's approval from Company B and C)
Once the Federation is established, you will provision different Access Packages and Catalogs depending on your needs.
An Access Package can contains specific SharePoint sites / Teams or Groups
Last step (Governance part) you will use the Access Reviews tab to define bunch of people who will take care to extend or revoke the permissions of users in Company B&C based on the access packages.
The review is done by an auto generated email and it's easy to use it
Thank you so much for the detailed reply. This sounds promising. I will discuss with my infrastructure team and report back on results.
Thanks again!
doughorton I've just seen this old thread. As cross tenant identity sync is now available, this would be the approach to go. Maybe you have already seen this, than you are fine.
