We are looking to enable B2B in our tenant.
Essentially - we only want to be able to invite B2B identities if they are 'Work or School Accounts' & create them as cloud IDs (and manage the identity lifecycle) if they are not.
I've read (all?) the documentation and I am unable to see how we are able to accomplish this.
- The best solution that I could find would involve whitelisting/blacklisting specific fqdns?
Is it as simple as removing 'Microsoft Account' from the configured identity providers?
- Is this possible (seems not to be?) https://docs.microsoft.com/en-us/azure/active-directory/external-identities/microsoft-account
Thoughts/experiences most appreciated.
- If this is not an out of the box feature - is there an API that we can query to validate the account type? (we are looking to build an automation process for this so an API call would work well)