Azure AD B2B collaboration direct federation with SAML and WS-Fed providers
Published date: 08 July, 2019
Direct federation makes it easier for you to work with partners whose IT managed identity solution is not Azure AD. It works with identity systems that support the SAML or WS-Fed standards. When you set up a direct federation relationship with a partner, any new guest user you invite from that domain can collaborate with you using their existing organisational account. This makes the user experience for your guests more seamless. With direct federation, your guest users sign in with their organisational account, satisfying any security requirements that your partner organisation has already implemented. Any additional security controls you implement for guest users, such as stronger proof of ownership for Multi-Factor Authentication (MFA), also applies to these users. When your guest leaves their organisation, they no longer have access to resources.