If you are taking advantage of Microsoft Entra ID External Identities pricing, which is based on Monthly Active Users (MAU), you can reduce cost of usage by creating Microsoft Entra ID guest accounts. The first 50,000 MAUs per month are free for both Premium P1 and Premium P2 features.
To create guest accounts:
- Go to
portal.azure.com
and log into Microsoft Entra ID. - Click on New guest user.
- Check Invite user.
- Log into the CloudGen Access portal and go to Identity > Settings > Authentication Protocol.
Edit your Identity Provider by appending this string to your Tenant ID, separated by a semicolon (;)
9188040d-6c67-4c5b-b112-36a304b66dad
So, for example, if your Tenant ID is <MyTenantID123>, you would edit your Identity Provider Configuration like this:MyTenantID123;9188040d-6c67-4c5b-b112-36a304b66dad
If one of your guest users is using Microsoft 365 Premium, the user might get an error during enrollment. At the bottom of the enrollment you will see the user’s Tenant ID and you must add this to your Identity provider configuration:
In the Invalid Token URL in the Authentication Failed message, copy the part of the string after “.com/” without the close parenthesis “)”, and add that string to the Identity provider configuration again, separated by a semicolon.
So, with the same example as above, if your Tenant ID is <MyTenantID123>, you would edit your Identity Provider Configuration like this:MyTenantID123;cb0929bf-4968-a597-f1c369260900