question

marcogerber avatar image
0 Votes"
marcogerber asked JamesHamil-MSFT answered

Restrict Azure AD B2B invitations from specific domains

Is there a way to restrict Azure AD B2B from specific domains? I know you can restrict invitations to specific domains as described here, but not the other way around. Also I'm aware of the tenant restriction solution, although this only works on a access level going through a proxy, not from outside the proxy environment on an identity level.


azure-ad-b2b
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JamesHamil-MSFT avatar image
0 Votes"
JamesHamil-MSFT answered

Hi @marcogerber , there's no way to do this as that would be controlled by other users. They would also need your exact email. Why are you trying to do this, are you getting spammed? If so we can find a solution for you!

Best,
James

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @JamesHamil-MSFT

Thank you for answer!

The goal here is to limit/specify the tenants a user can collaborate with. I.e. in our configuration, a guest user can only be invited into a Teams workspace as soon as the guest user has been invited to Azure AD through our internal process (users themselves are not able to invite external users). We solve the problem of connecting to foreign tenants from inside the work environment with the tenant restriction mentioned above, and use the domain whitelisting inside Azure AD in our internal onboarding process.
Now, we are able to control the tenants our users collaborate with pretty good from our side. What we want to prevent now is the scenario where the other party can invite one of our users and they start collaborating on the external users side (Teams, Sharepoint, etc.), maybe because it's the easier way around internal workflows, where we then don't have much control anymore regarding DLP and other topics.

Thanks,
Marco

0 Votes 0 ·