Manage federated accounts in Azure AD

Copper Contributor



I am a newbie in Azure AD, please help me out.

I would like to understand that if I set up a federated account of a 3rd party with my Org Azure AD, how much that account has control over my environment - in applications, policies, etc.? Is there any Microsoft recommended best practice to manage or control these federated accounts in Azure AD? 


Thanks in advance!

2 Replies

@Ranjita For best practices or recommendations you should take a look at the Azure Security Center.

Settings on tenant level can be set in Azure Active Directory > External Identities >External Collaboration Settings. You should deactivate „Guest can invite“ there.


Under Azure Active Directory > User Settings restrict the access to the Azure AD Administration Portal.

It would make administration easier to create a security group which inhibits all guest users, so you can assign apps on a higher level.

I recently discovered I have an azure account which I did not create. I see a federated organization was created using my private email. Anyone know who I can contact for help to see who created this organization?
I have been on the phone with support from Microsoft but they do not take me seriously. Any higher poets to help me?