It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Access

How to Create Azure AD Guest Accounts

  • Last updated on

If you are taking advantage of Microsoft Azure AD External Identities pricing, which is based on Monthly Active Users (MAU), you can reduce cost of usage by creating Azure AD guest accounts. The first 50,000 MAUs per month are free for both Premium P1 and Premium P2 features.

To create guest accounts:

  1. Go to portal.azure.com and log into Azure AD.
  2. Click on New guest user.

    AzureADGuestUserNewGuest.png

  3. Check Invite user.

    AzureADGuestInviteUser.png

  4. Log into the CloudGen Access portal and go to Settings > Authentication Protocol > Identity Provider.
  5. Edit your Identity Provider by appending this string to your Tenant ID, separated by a semicolon   

    9188040d-6c67-4c5b-b112-36a304b66dad

    So, for example, if your Tenant ID is <MyTenantID123>,  you would edit your Identity Provider Configuration like this:

    MyTenantID123;9188040d-6c67-4c5b-b112-36a304b66dad

    AzureADGuestEditIDProvider.png

    If one of your guest users is using O365 Premium, the user might get an error during enrollment. At the bottom of the enrollment you will see the user’s Tenant ID and you must add this to your Identity provider configuration:

    AzureADGuestInvalidTokenMessage.png

    In the Invalid Token URL in the Authentication Failed message, copy the part of the string after  “.com/”  without the close parenthesis “)”,  and add that string to the Identity provider configuration again, separated by a semicolon.
    So, with the same example as above, if your Tenant ID is <MyTenantID123>,  you would edit your Identity Provider Configuration like this:

    MyTenantID123;cb0929bf-4968-a597-f1c369260900