Microsoft Entra ID Now Supports External to Internal User Account Conversion

Cloud Computing

Key Takeaways:

  • Microsoft Entra ID now allows IT administrators to convert external accounts into internal ones seamlessly, facilitating smoother transitions within organizations.
  • This feature should be helpful for enterprises undergoing mergers, reorganizations, or acquisitions.
  • The conversion process can be easily initiated through the Entra ID Portal or Microsoft Graph API.

Microsoft has released a new “convert to internal user” feature in preview for its Microsoft Entra ID service. The latest release allows IT administrators to seamlessly convert external accounts into internal ones to ensure a smooth transition without disrupting user access and workflows.

Microsoft mentioned that most enterprise customers use a combination of internal and external accounts. Specifically, Internal accounts are accounts that authenticate with the local tenant. Meanwhile, external accounts use other methods to complete the authentication process, including Microsoft account, Google Federation, and Microsoft Entra ID.

According to Microsoft, organizations may need to change existing external users into internal users in certain scenarios. This new “convert to internal user” feature could be useful for organizations going through mergers, reorganizations, and acquisitions. Microsoft notes that administrators can perform external user conversion via the Entra ID Portal or Microsoft Graph API.

“External user conversion handles the conversion of external users into internal members without the need to delete existing user objects and create new ones. The preservation of the user objects allows users to keep their original account and their access isn’t disrupted. A converted user’s account maintains its history of activities intact as their relationship with the host organization changes,” Microsoft explained.

Microsoft Entra ID Now Lets IT Admins Convert External User Accounts to Internal

How to convert to internal user accounts with the Microsoft Entra ID Portal

To convert external user accounts into internal ones, IT administrators will need to follow the steps mentioned below:

  • Sign in to the Microsoft Entra admin center.
  • Navigate to Identity > Users > All users.
  • Choose an external user and click the “Convert to internal user” option.
  • Review the following options: user principal name, auto-generate password, and change email address.
  • Finally, click the “Convert” option.

Microsoft notes that the conversation preserves the membership of the account in Microsoft 365 and teams. Keep in mind that users who have an authentication method set up outside of the host organization are eligible for conversion. Moreover, IT admins will need to provide a UPN and password while converting a cloud user from external to internal.