This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 94%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEV%3C/text%3E%3C/svg%3E)
Hi All,
I am looking at option(s) in relation to Multitenant Collaboration vs Cross-tenant access in 365/Entra/Azure portals, I am finding my search for documentation challenging- I have found a non Microsoft page which describes the following:
"Multitenant organizations synchronize users between tenants using Microsoft Entra ID B2B collaboration users. Cross-tenant synchronization automates creating, updating, and deleting B2B collaboration users"
So, if I want to create a trust/sync between 2 (or more) separate Entra tenants/offices/organizations who sit under the same umbrella (and have no reason to distrust) what is the best practice for setting this up and which option should be used within the settings (including dynamic group settings for user onboarding).
Thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 17%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVJ%3C/text%3E%3C/svg%3E)
Hello Eddie Vincent,
Thank you for posting your query on Microsoft Q&A.
The multitenant organization scenario occurs when an organization has more than one tenant instance of Microsoft Entra ID. It offers a portfolio of multitenant capabilities you can use to securely interact with users across your organization of multiple tenants and to automatically provision and manage those users across your tenants.
Cross-tenant access settings is one of the sets of multitenant capabilities support the needs of multitenant organizations:
Cross-tenant access settings manage how your tenant allows or disallows access to your tenant from other tenants in your organization or vice versa. They govern B2B collaboration, B2B direct connect, cross-tenant synchronization, and they indicate whether another tenant of your organization is known to be part of your multitenant organization.
Cross-tenant access settings are required for each tenant-to-tenant relationship, and tenant administrators explicitly configure each cross-tenant access relationship as needed.
The following diagram shows the basic cross-tenant access inbound and outbound settings capabilities.
Reference :
https://learn.microsoft.com/en-us/entra/identity/multi-tenant-organizations/overview
https://learn.microsoft.com/en-us/entra/external-id/cross-tenant-access-overview
Every tenant has its own in-bound, out-bound rules and default rules configured.
To change inbound B2B collaboration settings, navigate to Identity > External Identities > Cross-tenant access settings, then select Organizational settings
Customize settings: Select this option if you want to customize the settings to enforce for this organization instead of the default settings.
Under Access status, you can allow or block access to specific users and groups.
Please refer the below document
I hope this information is helpful. Please feel free to reach out if you have any further questions.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".