Can I use Azure Active Directory (AAD) as IAM for a multi-tenant SAAS product?

Occasional Visitor

We are building a enterprise product, and expect a lot of customers, to not have active directory of their own. We plan to use AAD as our IAM provider. We plan to create a master AAD for the product, and then invite users of each customer (tenant) as external users to the master AAD, using their business email id. Each set of users for a given customer, will be added to an external group for manageability. Would this be the right approach, for supporting multi-tenanted IAM for a product hosted in Azure?

1 Reply

As I understand, Azure AD B2B maps to scenario you are looking for. You can provision users in Azure AD B2B from external companies using invitations , setup external groups for them in Azure AD B2B and based on membership grant access to application.