If you are taking advantage of Microsoft Azure AD External Identities pricing, which is based on Monthly Active Users (MAU), you can reduce cost of usage by creating Azure AD guest accounts. The first 50,000 MAUs per month are free for both Premium P1 and Premium P2 features.
To create guest accounts:
- Go to
portal.azure.comand log into Azure AD.
- Click on New guest user.
- Check Invite user.
- Log into the CloudGen Access portal and go to Settings > Authentication Protocol > Identity Provider.
Edit your Identity Provider by appending this string to your Tenant ID, separated by a semicolon
So, for example, if your Tenant ID is <MyTenantID123>, you would edit your Identity Provider Configuration like this:
If one of your guest users is using O365 Premium, the user might get an error during enrollment. At the bottom of the enrollment you will see the user’s Tenant ID and you must add this to your Identity provider configuration:
In the Invalid Token URL in the Authentication Failed message, copy the part of the string after “.com/” without the close parenthesis “)”, and add that string to the Identity provider configuration again, separated by a semicolon.
So, with the same example as above, if your Tenant ID is <MyTenantID123>, you would edit your Identity Provider Configuration like this: