Azure B2B without invitation

    Question

  • https://docs.microsoft.com/en-us/azure/active-directory/active-directory-b2b-add-user-without-invite

    So, tested, there are two options here.

    1. User from host aad, in "Guest inviter" role, created as external user in guest aad, granted "enumeration privileges"
    2. User from guest aad, created as external user in host aad, granted "Guest inviter" role.

    but... how do you explicitly add "Enumeration privileges"? set usertype = "member" will work, but that is maybe too much?
    also, where in the permission scopes does "Enumeration privs" fit?

    https://developer.microsoft.com/en-us/graph/docs/authorization/permission_scopes 



    /Frederik Leed

    Friday, April 07, 2017 11:20 AM

All replies

  • For this to work, the user would need to be set as a member. Getting enumeration privileges won’t help completely.
    Tuesday, April 11, 2017 8:15 AM
    Moderator
  • "All you must do is grant that user enumeration privileges in the directory you're using for the partner org."

    sux if member is needed, since this is a much wider range of permissions. Also, it differs from the text in the article.

    /Frederik Leed

    Friday, April 21, 2017 6:41 AM