Microsoft Bringing Google ID Log-ins to Azure Active Directory

Now in preview, the new service will help enterprises collaborate and share applications with other companies beyond their own networks.

Microsoft Azure

Microsoft is expanding its Azure Active Directory B2B Collaboration support to now include log-ins from users who have Google IDs, which will allow enterprises to open their network access to trusted partners for ease of use and increased collaboration.

The new capabilities, which allow invited users to sign in to shared apps and resources using their own Google accounts without having to create Microsoft accounts or Azure Active Directory (AD) accounts, were announced Aug. 28 by Alex Simons, vice president of program management for Microsoft’s identity division, in the Microsoft Cloud Blogs. To start out, the new services are available only in public preview.

“We’ve been hard at work to make B2B Collaboration even more seamless and inclusive,” wrote Simons. “Our vision is to enable you to collaborate with people from any organization in the world, whether or not they have Azure AD or even an IT department. We’re reducing friction during invitation redemption and eliminating the proliferation of credentials by enabling your partners to bring their own existing identities to collaborate with you.”

The preview introduction of support for Google IDs is the first step in aiming for that goal, he wrote.

Until now, Azure AD B2B Collaboration only supported users who accessed through Azure AD or Microsoft accounts. But many enterprise users and IT administrators have been clamoring to use the service with non-Microsoft identity providers, such as Google, to allow them to streamline access for partners and other trusted users, wrote Simon.

The Google sign-ins are the first third-party log-ins that Azure AD will support.

“Enabling Google federation makes your invited Gmail user’s experience more seamless,” wrote Simon. “After you have set up B2B Google federation for your organization, invited Gmail users can use their Google identity to sign in and collaborate. They no longer need to create an Azure AD account or Microsoft Account to access the apps and resources you’re sharing with them.”

So far, only Google IDs with the @gmail.com extension will be supported, but that could change in the future.

To use the expanded services in preview, administrators can enable Google identities in the Organizational relationships tab, which is a new administration function that lets admins manage all settings related to external collaboration. Administrators can then view a list of users from other organizations and create customized “Terms of use” and “Access reviews” policies for guest users.

Additional federated authentication methods will be added to the menus as Microsoft builds out more functionality with the new services, wrote Simon.

Microsoft’s Azure AD B2B Collaboration capabilities enable any organization using Azure AD to work safely and securely with users from any other organization, small or large, according to the company. Those outside organizations can connect whether they do or do not have Azure AD, and even if they don’t have an IT department. Organizations using Azure AD can provide access to documents, resources and applications to their partners, while maintaining complete control over their own corporate data.

Azure AD business-to-business APIs are also available to allow developers to write applications that bring two organizations together more securely.

Helpful documentation is available from Microsoft for the new Google log-in services.

The Azure AD B2B Collaboration services are one of Azure AD’s fastest growing features, bringing in more than one million new users a month, according to Simon.