Microsoft Announces Azure Active Directory External Identities
Microsoft announced a new set of features at Build 2020 for Azure Active Directory (AD) that are now in public preview. Azure AD External Identities aims to make it easier for organizations and developers to authenticate external users. Microsoft says that it is especially important currently because more users are working remotely due to the COVID-19 pandemic. But at the same time, IT is being asked to cut back because of reduced budgets while having to deal with a growing external user base.
External Identities brings new features to Azure AD in public preview
External Identities is based on the Microsoft identity platform. The platform lets developers integrate applications with a single toolkit. Furthermore, External Identities works without changing anything in code.
Organizations can start testing External Identities straight away. Self-service sign-up and sign-in for applications allows users to create an account in an application using Google and Facebook IDs, and other identity providers that are already supported by Azure AD.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
Additionally, custom attributes let developers collect information about users during the sign-up process. And API connectors can be used to call to web APIs during the authentication process. API connectors might be used to integrate with a preexisting authorization process for example, before an account is approved for use. Here is a complete list of the features either already in preview or coming soon:
- Integration with social identity providers
- Custom user attributes
- API connectors to call to web APIs during the authentication process
- User flows for creating custom sign-up experiences for your apps
External Identities is built on top of the Microsoft Graph API and it can currently be used with apps that are developed in-house. Although Microsoft plans to expand the types of applications that External Identities can be used with in the future. To use the preview, organizations need to enable self-service sign up in their Azure AD tenant.
Secure and manage external users’ access to apps more effectively
If your organization has created internal credentials for external users, users can be invited to B2B collaboration. Once the process is complete, external users can use their own identities and credentials to sign in to your apps and take advantage of features provided by External Identities. For more information about inviting internal users to B2B collaboration, see Microsoft’s site here.
Another great feature of External Identities is that it also integrates with Azure AD Conditional Access and Identity Protection. Conditional Access helps secure access to applications by ensuring users and devices meet certain conditions. Identity Protection automates the detection and remediation of identity-based risks, like phishing and password spray attacks.
Microsoft says that External Identities extends the global availability, reliability, and scale of Azure AD to customers and partners. The current public preview is just the start for External Identities, and it will make the process of authenticating users simpler. And the less complex systems are, the better they can be secured.