Add Guest Users to Your Directory in the Azure Portal
Start course
1h 1m

This course has been designed to teach you how to manage access and authentication in Azure Active Directory. 

The topics covered within this course include:

  • Managing Authentication
  • Implementing Multi-Factor Authentication
  • Configuring Application Access
  • Implementing Access for External Users of Microsoft 365 Workloads

Learning Objectives

  • To learn how to configure and monitor authentication
  • To learn how to administer MFA and report on its utilization
  • To learn how to configure application registration and use Azure AD Application Proxy
  • To learn how to use Azure Active Directory B2B to add and manage external users

Intended Audience

  • Those looking to learn more about access and authentication


To get the most from this course, you should at least be familiar with Azure AD and have a general understanding of its features.


There will be times when users that are external to your organization will need access to organization applications, especially in cases where your organization, maybe collaborates with a partner org. In such cases, you can invite external users to collaborate with your organization, by adding them to your directory as a guest user. After adding a guest user to your directory you can send the guest user an invitation email, that contains a redemption link or you can send the guest user a direct link to the app that you want to share. The guest user can sign in with his own work, school or social identity to access the shared application. In this demonstration, you'll learn: How to add a new guest user to Azure AD. How to send an invitation to the guest user. And what the guest user's invitation redemption process looks like. To prepare for this demonstration, I've created an external email address called, This email address for our fictitious user, Abe Petrovsky, will be used to add Abe to our directory. To grant Abe access to our MyFinance application, we need to add him to our directory as a guest user. To do this, let's click on Azure Active Directory, over here in the left pane, and then, under Manage, select Users. Let's create a New guest user by clicking the link in the toolbar. In the Email address field, we need to provide Abe's email address. If we wanted to, we could add a personalized message in the, Include a personal message box. I'm not worried about doing this for this demo, so I'll skip that piece. To send my invite to Abe, I just have to click Invite when I do this, the invitation is sent to Abe. After I send the invitation, Abe is automatically added to my directory as a guest. Once he's been added as a guest, I can assign the MyFinance app to him. To do so, I just have to click back out to Azure AD, and then on Enterprise applications within Azure AD. I then need to select the MyFinance application. From here, I can click on Users and groups and then add the user. From the Users and groups box, I can either select Abe's account, or I can search for it. After highlighting Abe's account, I need to click Select, and then Assign, to assign the MyFinance App to him. If we switch over to Abe's Gmail account, we can see the, you're invited email. In the body of the email, Abe just needs to click, Get Started, accept the conditions and then complete the sign-up process. At this point, the Access Panel opens and it shows Abe has access to MyFinance.


LECTURES: Course Introduction - What is Authentication - Designing an Authentication Method - Configuring Multi-Factor Authentication - Accessing MFA Service Settings - Enable SSPR - Sign-in Activity Reports in the Azure Active Directory Portal - Using Sign-in Activity Reports in the Azure Active Directory Portal - Azure Active Directory Monitoring - Implement MFA - Manage User Settings with Azure Multi-Factor Authentication in the Cloud - Manage MFA for Users - Reports in Azure Multi-Factor Authentication - Configure Application Registration in Azure AD - How to Configure Application Registration in Azure AD - What is Azure AD Application Proxy - Configure Azure AD Application Proxy - Azure Active Directory B2B - Add Guest Users to Your Directory in the Azure Portal - Conclusion

About the Author
Learning Paths

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.