Azure Active Directory Adds New Cross-Tenant Access Settings in Public Preview

Last Update: Sep 04, 2024 | Published: Feb 11, 2022

SHARE ARTICLE

Azure Active Directory Adds New Cross-Tenant Access Settings in Public Preview

Microsoft has announced the public preview of cross-tenant collaboration settings in its Azure Active Directory service. The new feature enables IT admins to manage how users can securely collaborate with external partners and in other Azure Active Directory organizations.

The ability to configure cross-tenant access settings was one of the top requested features from Azure Active Directory users. The Azure AD admin center currently provides three settings to help organizations control external collaboration within their tenant. These include the inbound access settings, outbound access settings, as well as Trust settings.

“Now you’ll have granular inbound and outbound access control settings that work on a per org, user, group, and application basis. These settings also make it possible for you to trust security claims from external Azure AD organizations like Multi-Factor Authentication (MFA), device compliance, and hybrid Azure AD joined devices,” the company explained in a blog post.

How to configure default cross-tenant access settings

Microsoft noted that the new cross-tenant access settings are now enabled by default for all external Azure Active Directory customers. However, IT admins will be able to manually change the Azure AD-provided default settings for external collaboration by following the steps mentioned below:

  1. Sign in to the Azure portal, and click the Azure Active Directory service.
  2. Next up, click External Identities and choose the Cross-tenant access settings (Preview) option. Once done, click the Default settings tab and then review the details available on the summary page.
  3. Finally, you’ll be able to change the default settings by clicking the Edit inbound defaults link or the Edit outbound defaults link options.

To configure cross-tenant access settings for specific users, groups, or apps, IT admins will need to obtain detailed information such as “user object IDs, group object IDs or application IDs” from the external organization.

Microsoft says that Azure Monitor service subscribers can use the cross-tenant access activity workbook to gain insights about all inbound and outbound collaboration. We invite you to check out this support page for more details on cross-tenant access in Azure AD External Identities.

SHARE ARTICLE