Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community

Choosing between inter tenancy collaboration options

Brass Contributor

Give that we now have multiple options to enable collaboration between tenancies, I'm struggling to determine the way forward for my below scenario.


We have a 365 tenancy with 500 users and we've acquired a sub entity. We'd like to integrate these two tenancies in the best way possible to allow seamless collaboration across the two tenancies. 


How should I determine between options "B2B Direct connect, B2B Collaboration, Multi-Tenancy etc.." ?


Any inputs are highly appreciated ! Thank you

2 Replies

@Curious_Kevin16 depends on your use case and if you want to invite users to be as guest in your main tenant. 


B2B collaboration access settings determine whether users from your sub site tenant can be invited to your organization (main tenant) and added to your tenant as guests and vice versa


B2B direct connect access settings determine whether users from external Microsoft Entra tenants (Not Azure) can access your resources without being added to your tenant as guests and vice versa


Cross-tenant synchronization is to sync identities between two azure tenants. 


if your use case is only to allow employees from tenant A to collaborate with employees from tenant B than B2B is the best choice by adding tenant B as an organization in tenant A and vice versa if needed and also configure the inbound as outbound settings in the Cross-tenant access settings.

Thanks so much @eliekarkafy

My granular requirements are:

1. Users from tenant B should be able to see notifications from the users in Tenant A (chat messages, incoming meetings and calls, channel notifications etc.) and vice versa.
2. How the user permission granting experience will be ? will the other tenancy users appear as guests in a merged scenario or do they work simply as a single ORG ?
3. Is Exchange calendar sharing is full featured ? such as; email address removed for privacy reasons, if granted permission can see and edit email address removed for privacy reasons calendar, tasks, Inbox, etc – I'm looking at Calendar sharing and going beyond simple free/busy status by leveraging full potential.
4. Can I add users from Tenant B to SharePoint permissions the same way I do for our current primary tenant (Tenant A) ? or will it be different in a merged setup?
5. How will the trust work for Azure Enterprise Apps ? i.e. I have an app called "Interfox" but this has been only configured in the primary tenancy (Tenant A). would it be possible leverage the “trust” between the tenancies so that InterFox would permit SSO [subject to the InterFox back end having knowledge of the emails]?


Bottom line is, I'm looking for the best option that enabled us to streamline these two tenancies as closer as possible so that the users won't feel they're in two different tenancies while the identities are still in two tenancies. 


Hope that make sense and appreciate your thoughts ! Thanks heaps again.