News

Google IDs on Azure Active Directory B2B Service Now at 'General Availability'

Microsoft announced on Wednesday that users of the Google identity and access service can use their personal log-in IDs with the Azure Active Directory B2B (Business to Business) service to access resources as "guests."

That capability is now at the "general availability" commercial-release stage for organizations using the Azure AD B2B service. Back in August 2018, the ability to use Google IDs was just available at the preview stage for testing. The idea behind this Google ID federation approach is that business partners can access organizational resources using their existing Google IDs, and no Azure AD identity needs to be created beforehand.

Microsoft also added a few new features since the preview. The Azure AD B2B service also now works with @googlemail.com accounts, rather than just with @gmail.com accounts.

In addition, Microsoft Teams permits Google ID sign-ins for collaborations, which works with "desktop, web browser, iOS and Android" Teams clients, as well as tenant authentication portals, such as "teams.microsoft.com."

Google ID Federation
To permit Google ID federation for guest access, organizations using the Azure AD B2B service have to carry out some setup steps, as described in this Microsoft document. An organization's conditional access policies will apply to the guests, so if multifactor authentication (MFA) is used by an organization for employees, it'll apply to guests, as well.

There's a licensing caveat that applies to guests with the Azure B2B service when they touch paid Azure AD services. Organizations need to have the licenses to cover guests beyond a certain number, as explained in this Microsoft document:

With Azure Active Directory (Azure AD) business-to-business (B2B) collaboration, you can invite External Users (or "guest users") to use your paid Azure AD services. Some features are free, but for any paid Azure AD features, you can invite up to five guest users for each Azure AD edition license that you own for an employee or a non-guest user in your tenant.

MFA has been a paid Azure AD option. Microsoft, though, announced earlier this month that it planned to turn on MFA by default starting November for all new Azure AD tenants, making MFA a "free" option. 

Under the Azure AD B2B guest scenario, the granting of access to shared resources is carried out via an invitation-only process. Prospective users get sent an e-mail invitation with a PIN, which is used to gain network access. Guests don't get all of the access privileges of employees, though. For instance, they don't get their own OneDrive storage or Exchange mailbox, and they don't have licensing permissions to use Office client applications.

Outlook.com and Google Apps?
On top of that Google ID news, Microsoft may be planning to allow Google apps to appear in its browser-based Outlook.com e-mail service.

According to this article by Tom Warren of The Verge, Google apps such as Google Calendar, Google Drive and Gmail can be used within Outlook.com, although the capability is said to be currently at the test level. It's done by linking a Google account with an Outlook.com account, according to the article.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Microsoft Warns SameSite Cookie Changes Could Break Some Apps

    IT pros could face Web application issues as early as next month with the implementation of a coming SameSite Web change, which will affect how cookies are used across sites.

  • Populating a SharePoint Document Library by E-Mail, Part 1

    While Microsoft doesn't allow you to build a SharePoint Online document library using e-mail, there is a roundabout way of getting the job done using the tools that are included with Office 365. Brien shows you how.

  • Microsoft Previews New App Reporting and Consent Tools in Azure AD

    Microsoft last week described a few Azure Active Directory improvements for organizations wanting to connect their applications to Microsoft's identity and access service.

  • Free Software Foundation Asks Microsoft To Release Windows 7 Code

    The Free Software Foundation this week announced that it has established a petition demanding that Microsoft release its proprietary Windows 7 code as free software.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.