Quickstart: Add a guest user and send an invitation

With Azure AD B2B collaboration, you can invite anyone to collaborate with your organization using their own work, school, or social account. In this quickstart, you'll learn how to add a new guest user to your Azure AD directory in the Azure portal. You'll also send an invitation and see what the guest user's invitation redemption process looks like. In addition to this quickstart, you can learn more about adding guest users in the Azure portal, via PowerShell, or in bulk.

If you don’t have an Azure subscription, create a free account before you begin.

Prerequisites

To complete the scenario in this quickstart, you need:

  • A role that allows you to create users in your tenant directory, such as the Global Administrator role or a limited administrator directory role (for example, Guest inviter or User administrator).

  • Access to a valid email address outside of your Azure AD tenant, such as a separate work, school, or social email address. You'll use this email to create the guest account in your tenant directory and access the invitation.

Add a new guest user in Azure AD

  1. Sign in to the Azure portal with an account that's been assigned the Global administrator, Guest, inviter, or User administrator role.

  2. Under Azure services, select Azure Active Directory (or use the search box to find and select Azure Active Directory).

    Screenshot showing where to select the Azure Active Directory service.

  3. Under Manage, select Users.

    Screenshot showing where to select the Users option

  4. Select New guest user.

    Screenshot showing where to select the New guest user option.

  5. On the New user page, select Invite user and then add the guest user's information.

    • Name. The first and last name of the guest user.
    • Email address (required). The email address of the guest user.
    • Personal message (optional) Include a personal welcome message to the guest user.
    • Groups: You can add the guest user to one or more existing groups, or you can do it later.
    • Roles: If you require Azure AD administrative permissions for the user, you can add them to an Azure AD role.

    Screenshot showing the new user page.

  6. Select Invite to automatically send the invitation to the guest user. A notification appears in the upper right with the message Successfully invited user.

  7. After you send the invitation, the user account is automatically added to the directory as a guest.

    Screenshot showing the new guest user in the directory.

Accept the invitation

Now sign in as the guest user to see the invitation.

  1. Sign in to your test guest user's email account.

  2. In your inbox, open the email from "Microsoft Invitations on behalf of Contoso."

    Screenshot showing the B2B invitation email

  3. In the email body, select Accept invitation. A Review permissions page opens in the browser.

    Screenshot showing the Review permissions page.

  4. Select Accept.

  5. The My Apps page opens. Because we haven't assigned any apps to this guest user, you'll see the message "There are no apps to show." In a real-life scenario, you would add the guest user to an app so the app would appear here.

Clean up resources

When no longer needed, delete the test guest user.

  1. Sign in to the Azure portal with an account that's been assigned the Global administrator, Guest, inviter, or User administrator role.
  2. Select the Azure Active Directory service.
  3. Under Manage, select Users.
  4. Select the test user, and then select Delete user.

Next steps

In this quickstart, you created a guest user in the Azure portal and sent an invitation to share apps. Then you viewed the redemption process from the guest user's perspective and verified that the guest user was able to access their My Apps page. To learn more about adding guest users for collaboration, see Add Azure Active Directory B2B collaboration users in the Azure portal.