Invitation flows b2b users
AAD B2B users have to be invited. Either via an email invitation or a direct URL link. There are also backdoor mechanisms (powershell and graph API) for adding b2b users.
Options for Logging In  – Federation versus One Time Passwords
Federating users into AAD is seamless as long as the source IdP is either a google account (gSuite aka google workspace) or a MSA (microsoft account).
One time passwords:  The advantage of one time passwords is that they work for any type of user. In addition, there is no password maintenance required. ( no password reset requests).
 What about password resets for federated users?
For federated users, passwords are never stored in AAD – so there isn’t a  concept of password reset.


Need an experienced AWS/GCP/Azure Professional to help out with your Public Cloud Strategy? Set up a time with Anuj Varma.