In my previous post I explained how we can use Azure AD B2B to share services/resources between organizations. Once these B2B users are registered with Azure AD, we can apply “Conditional Access” policies to control their access further. In this demo I am going to show how to do that.
Before we start, please go ahead and read my previous article about Azure AD B2B, because in this post I am going to assume that you have already finished the sign-up process for Azure AD B2B users.
You can access the post using http://www.rebeladmin.com/2018/11/cross-organization-collaboration-azure-ad-b2b/
In my demo environment, I have the sg-Finance security group. All the users from the Finance department are part of it, and I have several applications assigned to them. Contoso recently entered a partnership with another company. Some privileged users from this new company required access to the applications used by sg-Finance users. Therefore, I went ahead and made them members of this group using Azure B2B. However, I need to put an extra layer of security on access requests from these external users to make sure my sensitive data is protected.
1. To start the configuration, I am logging in to https://portal.azure.com as a Global Administrator.
2. Then go to Azure Active Directory | Groups | sg-Finance | Members. Here I can see the B2B user dmfrancis.
3. Now go back to the Azure Active Directory home page and click on Conditional Access.
4. Then click on New policy.