SOLVED

How to set up external user account expiration for Azure AD?

Contributor

Right now, we are collaborating with external users using B2B functionalities. These external users are automatically added to our Azure AD Directory when they accept and register thru MFA.

 

Now we want to set up expiration on these external users (guest user lifecycle) that automatically removes these guest users from our Azure AD directory after X days. Otherwise the list of external users will continue to grow with time.

 

Any help appreciated! 

 

 

4 Replies

@Jonathan Nunez , hope you are well?

 

I think you would need to look at identity governance within Azure AAD.

 

Specifically around Access Packages and Access Reviews.

 

This will require AAD P2 licencing and possibly E5.

 

Best,

 

Steve

 

 

@STN2000 

 

We have E5 license and Azure AD Premium 2.

 

How would that feature work? 

Azure AD doesn't support for setting expiration date for Azure AD accounts currently. currently we use access review from Identity governance and set a quarterly review to validate the user accounts.
You can also use access packages for privilege's users you have an option to define the "Maximum allowed eligible duration is permanent." or make them eligible and define the maximum JIT duration