Sep 08 2021 09:04 PM
Hi,
We are looking to enable B2B in our tenant.
Essentially - we only want to be able to invite B2B identities if they are 'Work or School Accounts' & create them as cloud IDs (and manage the identity lifecycle) if they are not.
I've read (all?) the documentation and I am unable to see how we are able to accomplish this.
- The best solution that I could find would involve whitelisting/blacklisting specific fqdns?
https://docs.microsoft.com/en-us/azure/active-directory/external-identities/allow-deny-list
Is it as simple as removing 'Microsoft Account' from the configured identity providers?
- Is this possible (seems not to be?) https://docs.microsoft.com/en-us/azure/active-directory/external-identities/microsoft-account
Thoughts/experiences most appreciated.
- If this is not an out of the box feature - is there an API that we can query to validate the account type? (we are looking to build an automation process for this so an API call would work well)
Cheers,
Sep 17 2021 12:31 AM