
Friday, December 2, 2022

Azure AD External Identities

A B2B guest account in the host (inviting) tenant can be in one of four states, depending on where the identity is homed and who manages its credentials:

State 1: Homed in an external Azure AD tenant and represented as a guest user in the inviting organization. The B2B user signs in with the Azure AD account from their home (partner) tenant. If the partner organization does not already use Azure AD, an unmanaged Azure AD tenant is created for the partner's domain when the user redeems the invitation and Azure AD verifies their email address; this is also called a just-in-time (JIT) or "viral" tenancy.

State 2: Homed in a Microsoft account or another (social or email) account and represented as a guest user in the host organization. The guest signs in with a Microsoft account or a social account. The invited user's identity is created as a Microsoft account in the inviting organization's directory during invitation redemption.

State 3: Homed in the host organization's on-premises Active Directory and synced to the host organization's Azure AD. Azure AD Connect can sync the partner accounts to the cloud as Azure AD B2B users with UserType = Guest.

State 4: Homed in the host organization's Azure AD with UserType = Guest and credentials that the host organization manages.
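The four states above can be told apart from the guest object's attributes. The following script is an added example, not part of the original post or of Microsoft's documentation: it pulls every UserType = Guest account through Microsoft Graph PowerShell and classifies it. It assumes the Microsoft.Graph module is installed and the caller has the User.Read.All scope; the issuer strings "ExternalAzureAD", "MicrosoftAccount" and "mail" are assumptions based on identities values commonly seen on guest objects and should be verified in your own tenant.

```powershell
# Added example (not from the original post): classify guest accounts in the
# host tenant into the four B2B account states using Microsoft Graph PowerShell.
# Assumes Microsoft.Graph is installed and the caller holds User.Read.All.
# ASSUMPTION: issuer values "ExternalAzureAD", "MicrosoftAccount" and "mail" are
# taken from observed objectIdentity entries; confirm them in your tenant.

Connect-MgGraph -Scopes "User.Read.All" | Out-Null

# userType filters need advanced query support, hence ConsistencyLevel/CountVariable.
$guests = Get-MgUser -Filter "userType eq 'Guest'" -All `
    -ConsistencyLevel eventual -CountVariable guestCount `
    -Property Id,UserPrincipalName,Mail,UserType,CreationType,ExternalUserState,OnPremisesSyncEnabled,Identities

function Get-B2BState {
    param([Parameter(Mandatory)] $User)

    # State 3: synced from the host's on-premises AD with UserType = Guest
    if ($User.OnPremisesSyncEnabled -eq $true) { return 'State 3 (on-prem synced guest)' }

    $issuers = @($User.Identities |
        Where-Object { $_.SignInType -eq 'federated' } |
        Select-Object -ExpandProperty Issuer)

    # State 1: federated to the partner's own Azure AD tenant
    if ($issuers -contains 'ExternalAzureAD') { return 'State 1 (external Azure AD)' }

    # State 2: Microsoft account, social identity or email one-time passcode
    if ($issuers -contains 'MicrosoftAccount' -or $issuers -contains 'mail') {
        return 'State 2 (Microsoft/social/email account)'
    }

    # Invitation sent but never redeemed: the final state is fixed at redemption
    if ($User.CreationType -eq 'Invitation' -and $User.ExternalUserState -eq 'PendingAcceptance') {
        return 'Pending (invitation not redeemed)'
    }

    # State 4: guest homed in the host tenant with host-managed credentials
    return 'State 4 (host-managed guest)'
}

$report = foreach ($g in $guests) {
    [pscustomobject]@{
        UserPrincipalName = $g.UserPrincipalName
        State             = Get-B2BState -User $g
        ExternalUserState = $g.ExternalUserState
        CreationType      = $g.CreationType
    }
}

"$guestCount guest accounts found"
$report | Sort-Object State, UserPrincipalName | Format-Table -AutoSize

# Unredeemed invitations are worth a separate look: the invite link stays usable.
$report | Where-Object { $_.ExternalUserState -eq 'PendingAcceptance' } | Format-Table -AutoSize
```

The pending-invitation bucket is the one to review first: a guest object that was created months ago and never redeemed still lets whoever holds the invitation email complete redemption and obtain whatever access was pre-assigned to it.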


A tenant admin can choose one of the following invitation policies (External collaboration settings, "Guest invite settings"):

  • Turn off invitations: no one in the tenant can invite external users.
  • Only admins and users in the Guest Inviter role can invite: ordinary member users cannot send invitations.
  • Admins, the Guest Inviter role, and members can invite: the same as the previous setting, but member users can also invite external users; guests still cannot.
  • All users, including guests, can invite: every user in the tenant, guest accounts included, can invite external users.

By default, all users, including guests, can invite guest users. That default means a single compromised or over-shared guest account can bring further outside identities into the tenant, so the setting is worth checking explicitly.
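The four settings above are exposed in Microsoft Graph as the allowInvitesFrom property of the tenant's authorization policy. The script below is an added example (not from the original post) that reads the current value, maps it back to the portal wording, warns on the permissive default and shows how to tighten it. It assumes the Microsoft.Graph module is installed and that the caller holds Policy.Read.All and Policy.ReadWrite.Authorization; the four string values are the ones documented for allowInvitesFrom, and the helper names Get-GuestInviteSetting and Set-GuestInviteSetting are this example's own.

```powershell
# Added example (not from the original post): audit and tighten the guest
# invitation setting via the tenant authorization policy in Microsoft Graph PowerShell.
# Assumes Microsoft.Graph is installed and the caller holds Policy.Read.All plus
# Policy.ReadWrite.Authorization (Global Administrator can write this policy).

# Portal setting <-> allowInvitesFrom value
$settingNames = @{
    'none'                             = 'Turn off invitations'
    'adminsAndGuestInviters'           = 'Only admins and Guest Inviters can invite'
    'adminsGuestInvitersAndAllMembers' = 'Admins, Guest Inviters and members can invite'
    'everyone'                         = 'All users, including guests, can invite (default)'
}

Connect-MgGraph -Scopes "Policy.Read.All","Policy.ReadWrite.Authorization" | Out-Null

# Hypothetical helper name (this example's own): read the current setting.
function Get-GuestInviteSetting {
    $policy = Get-MgPolicyAuthorizationPolicy
    [pscustomobject]@{
        Value       = $policy.AllowInvitesFrom
        Description = $settingNames[$policy.AllowInvitesFrom]
    }
}

# Hypothetical helper name (this example's own): change the setting and re-read it.
function Set-GuestInviteSetting {
    param(
        [Parameter(Mandatory)]
        [ValidateSet('none','adminsAndGuestInviters','adminsGuestInvitersAndAllMembers','everyone')]
        [string] $Value
    )
    Update-MgPolicyAuthorizationPolicy -AllowInvitesFrom $Value
    Get-GuestInviteSetting
}

$current = Get-GuestInviteSetting
"Current guest invite setting: $($current.Value) - $($current.Description)"

# The default lets guests invite more guests; flag it and show the hardening step.
if ($current.Value -eq 'everyone') {
    Write-Warning "Guests can invite other guests. Consider 'adminsAndGuestInviters'."
    # Uncomment to enforce the tighter setting:
    # Set-GuestInviteSetting -Value 'adminsAndGuestInviters'
}
```

Tightening the setting only governs who can send new invitations; it does not revoke invitations already sent or remove existing guest objects, which still need to be reviewed separately (for example with a guest inventory like the one in the earlier example).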
