News

'One-Time Passcodes' for Azure AD B2B Hits Preview

A new feature in Microsoft's Azure Active Directory Business to Business (B2B) service enables organizations to grant outside partners access to their internal network resources.

Announced as a preview on Monday, the "one-time passcodes" feature works like this: An invitee gets an invitation containing a "Send Code" link from an organization. After the invitee clicks on that link, he or she will get a second e-mail containing a code for gaining network access, which can be used for up to 30 minutes, according to Microsoft's documentation.

Once the invitee gets authenticated, the session allowing guest access is only available to the invitee within a one-day timeframe. It's a security precaution built into the one-time passcodes feature, according to the announcement:

Each authentication session only lasts 24 hours, after which guests have to re-authenticate with a new email OTP. This means your guests have to prove they still have access to their work email inboxes and have not left the partner company every 24 hours.

Organizations can optionally add multifactor authentication requirements onto the one-time passcodes scheme, if wanted. Multifactor authentication is another scheme for verifying user identities, which typically happens via responses to a cell phone call or messaging service.

Microsoft's announcement depicted the one-time passcodes preview as permitting network resource sharing with "anyone in the world with an email account." There's one technical restriction to the scheme. Organizations must send a link that includes the organization's "tenant context" (or tenant ID) within the link, Microsoft's documentation explained.

One-time passcodes are deemed handy when Azure AD B2B invitees lack other authentication options -- such as an Azure AD account, a Microsoft account or a Google account -- to gain guest network access privileges. Microsoft has been gradually expanding the identity provider options that can be used with this service.

According to Microsoft's documentation, "when the guest user signs in, one-time passcode authentication will be the fallback method if no other authentication methods can be used."

While the one-time passcode feature is currently at the preview stage, Microsoft is planning to turn it on later for all organizations using this service.

"After preview, this feature will be turned on by default for all tenants," Microsoft's documentation bluntly stated, although no timeline was described.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Salesforce To Acquire Informatica in $8 Billion Deal

    Salesforce announced on Tuesday it plans to acquire data management firm Informatica for $8 billion.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft Gives Orgs More Power to 'Tune' AI Agents

    At its Build 2025 conference this week, Microsoft unveiled significant advancements aimed at empowering enterprises to create more sophisticated AI agents.

  • Build 2025: Microsoft Charts Wider Path for AI Agents

    At Build 2025, Microsoft unveiled its strategic vision for the future of AI agents, emphasizing the development of autonomous systems capable of performing complex tasks across various applications.