Sign-in with Google social IDs is now generally available for Azure AD B2B Collaboration

Published 11-20-2019 09:00 AM 7,420 Views

Howdy folks,

Yet another Ignite follow up blog to share with you today! Sign-in with Google social IDs for B2B users is now generally available—making the experience for your invited Gmail users more seamless and secure.

Azure AD B2B Collaboration continues to be a hugely popular tool for organizations of every size to collaborate with guest users. Azure AD’s support for Google social IDs makes collaboration even more seamless, enabling your partners to securely use their existing Google identities to collaborate with you. No need for them to create and manage a new account!


Sign in with Google social IDs is now generally available for Azure AD B2B Collaboration 1.png


In addition, since our public preview announcement, we studied your feedback and made a few key enhancements:

  • users are now supported. In addition to users, invited users can also sign-in with their Google social IDs.
  • Microsoft Teams support for Google users on all clients. Google users can seamlessly sign-in and collaborate on all four clients of Teams: desktop, web browser, iOS, and Android.
  • Teams support for Google users across common and tenanted authentication endpoints, like

You can enable signing in with Google social IDs for B2B users by going to > Organizational Relationships > Identity Providers. Explore our documentation to learn more!


Please let us know what you think in the comments below. We look forward to hearing from you!


Best regards,

Alex Simons (@Alex_A_Simons)

Corporate VP of Program Management

Microsoft Identity Division

Super Contributor

I'm baffled. What is Google's social ID? Do you mean Google+ or just Google ID? Google and social don't go together in my book :)

Regular Contributor

Do I miss a key component or do I misunderstand the concept here? We're talking about regular, private users, not B2B Google Suite federation?


So SSO for Gmail users -- without having to create a Microsoft account -- does only work, if the user is doing all of the following? And the administrator of the inviting party then has to also configure his side of the trust relation ship? In that case I'd tell the invited party to just create a Microsoft account. It's easier for both him and our IT.


I really do not see the advantage of having this, when it has to be enabled per user. Especially not, if the invited party basically needs to have IT administration expertise.




Is this functionality coming for G Suite accounts, or is this limited to accounts only?


Hi folks, let me answer the previous comments. 


@Oleg K in this context it is a or address where your B2B partner signs in to an existing Google consumer / social identity.

@Daniel Niccoli This is really for the scenarios where you want to do B2B collaboration with the small 3-5 user shops which don´t have IT but already using accounts and you do not have to ask them to create additional Microsoft accounts just for this purpose.

@Eric Davis you can do B2B federation with G-Suite users by using Azure AD B2B direct federation. You have to setup a federation trust for the specific domain your partner is using and pointing it to G-Suite for SAML / WS-Fed federation.  


Cheers Peter


@Plenzke  What is the expected login process for @gmail users with this enabled?

During my initial testing, it seemed like if the user followed the original emailed link (for example, when being added to a Team), then it appeared to work.

If they try to visit and log in, then it says it can't find their account, and instead prompts to send a One Time Passcode.


If they try to log in via the Teams app, it's the same experience.  Should the user have to use the One Time Passcode option every time they log in w/ their Gmail account in this manner?

Version history
Last update:
‎Jul 24 2020 01:29 AM
Updated by: