Azure AD – You can now use Google ID with Azure B2B

After being in preview for the past few months, it is now GA (generally available): you can invite external users (Azure AD B2B – Business to Business) using Google ID as an identity provider, with support for the @gmail.com and @googlemail.com email address domains.

Before enabling support for Google ID, you first need to create a Google client ID and secret at https://console.developers.google.com/. It is recommended to use a shared Google account to log on.

Create a new project and name it. Optionally, if you already have an organization configured, you can also define it.

Once your Google API project has been created, configure the OAuth consent screen option of your project.

There, define the application details and set the Authorized domains value to microsoftonline.com.

Once done, save it and open the Credentials option to create an OAuth client ID.

Select Web application and define the settings with Authorized redirect URIs set to:

  • https://login.microsoftonline.com
  • https://login.microsoftonline.com/te/<directory id>/oauth2/authresp
    (where <directory id> is your directory ID)

Save the client ID and secret.

Then log on to the Azure portal (https://portal.azure.com/) or the Azure AD portal (https://aad.portal.azure.com/) and go to the Organizational relationship section to enable Google ID federation for your Azure AD.

Then open Identity Providers and add Google, entering the client ID and secret you created above.

You can also enable it with PowerShell using the command below:

New-AzureADMSIdentityProvider -Type Google -Name Google -ClientId [Client ID] -ClientSecret [Client secret]
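
As an added example (not from the original post), the script below wraps the command above: it prints the two redirect URIs for the current directory, skips creation if a Google provider already exists, and prompts for the client secret instead of passing it on the command line, where it would end up in shell history. It assumes the Azure AD PowerShell module that provides the *-AzureADMSIdentityProvider cmdlets is installed; the -ClientId script parameter is a name chosen here.

```powershell
# Added example, not the author's script.
# Assumption: the installed Azure AD module exposes Get-/New-AzureADMSIdentityProvider.
[CmdletBinding()]
param(
    # Google OAuth client ID created on the Credentials page (parameter name chosen for this example).
    [Parameter(Mandatory)] [string] $ClientId
)
$ErrorActionPreference = 'Stop'

Connect-AzureAD | Out-Null

# The directory ID is the <directory id> part of the second redirect URI.
$directoryId = (Get-AzureADTenantDetail).ObjectId
$redirectUris = @(
    'https://login.microsoftonline.com',
    "https://login.microsoftonline.com/te/$directoryId/oauth2/authresp"
)
Write-Host 'Authorized redirect URIs that must be set on the Google OAuth client:'
$redirectUris | ForEach-Object { Write-Host "  $_" }

# Do not overwrite or duplicate an existing Google federation.
$existing = Get-AzureADMSIdentityProvider -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'Google' }
if ($existing) {
    Write-Warning "Google identity provider already configured (client ID: $($existing.ClientId)); nothing changed."
    return
}

# Prompt for the secret so it is never typed as a command-line argument.
$secure = Read-Host -Prompt 'Google client secret' -AsSecureString
$plain  = [System.Net.NetworkCredential]::new('', $secure).Password
try {
    New-AzureADMSIdentityProvider -Type Google -Name Google `
        -ClientId $ClientId -ClientSecret $plain | Out-Null
}
finally {
    # Drop the plain-text copy as soon as the call returns.
    $plain = $null
}

# Confirm what the directory now holds.
Get-AzureADMSIdentityProvider |
    Where-Object { $_.Type -eq 'Google' } |
    Select-Object Id, Name, Type, ClientId
```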

That’s it, you are now federating with Google identity services. You can now invite external/guest users using their Google account.

Benoit Hamet
Benoit is working on Microsoft collaborative technologies. He has been awarded as MVP for more than 12 years. Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007). Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software. He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies.
