fikkatra

Reputation: 5792

Azure AD: accept invitation of guest user programmatically with Powershell

I have two separate Azure AD instances, 'a' and 'b'. I want to invite users of 'b' into 'a' (as a guest user) programmatically. For this, I'm using the AzureAD Powershell module:

$Result = New-AzureADMSInvitation `
        -InvitedUserEmailAddress $Email `
        -InvitedUserDisplayName $DisplayName `
        -InviteRedirectUrl $InviteRedirectUrl `
        -SendInvitationMessage $false

The invitation should be accepted automatically, without sending an invitation email. That's why I pass the parameter -SendInvitationMessage $false. I noticed, however, that a user cannot log in before accepting the invitation (even though no email was sent).

Is there a way to programmatically accept the invitation on behalf of the user? Either by using the AzureAD Powershell module, or through a workaround (e.g. calling the Graph API)?

I'm admin of both Azure AD instances, and since I just created the user myself, I also have the credentials. I'm looking to avoid the hassle of manually accepting the invitation.

Upvotes: 2

Views: 5466

Answers (1)

Nan Yu

Reputation: 27548

By default, if you add a foreign user to your tenant, an invitation mail is sent to the user you add, and the user has to redeem the invitation.

The user can open the redemption link and complete the user creation process. An invitation email, which contains the redemption link, is sent to the corresponding invited email ID. sendInvitationMessage = false will disable the invitation email so that you can use your own email mechanism for custom content along with the redemption link. But the user still needs to redeem the invitation.

If you want to skip the invitation redemption so that users from your partner organization are added without any further interaction, please try:

  1. Make the guest users behave like members in your tenant and have the permission to invite other guest users. Please click here for the detailed AAD setting.

  2. Invite one user with directory read permission/global admin of the partner's tenant (the foreign tenant) using PowerShell. That user should redeem that invitation manually.

  3. Connect to Azure AD using the above account in PowerShell (Connect-AzureAD) and invite additional users from that same partner company. Now the newly added guest users don't need to redeem the invitations.

Please refer to this article for a detailed explanation and the steps for adding guest users without invitation redemption.

Upvotes: 2
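Step 3 of the answer above, as an added example that is not part of the original question or answer: it invites a batch of guests and reads back each invitation's Status and the guest's UserState, so you can confirm whether redemption was skipped. The tenant ID, redirect URL and guest addresses are placeholders, and the script assumes you sign in with the partner-tenant account from step 2.

```powershell
# Added example. Tenant ID, redirect URL and guest list are placeholders.
Import-Module AzureAD

$TenantId          = '<tenant-a-id>'
$InviteRedirectUrl = 'https://myapps.microsoft.com'
$Guests = @(
    @{ Email = 'user1@tenant-b.example'; DisplayName = 'User One' },
    @{ Email = 'user2@tenant-b.example'; DisplayName = 'User Two' }
)

# Sign in to tenant 'a' with the partner-tenant account from step 2,
# i.e. the one that has already redeemed its own invitation manually.
Connect-AzureAD -TenantId $TenantId | Out-Null

$Report = foreach ($Guest in $Guests) {
    $Invitation = New-AzureADMSInvitation `
        -InvitedUserEmailAddress $Guest.Email `
        -InvitedUserDisplayName $Guest.DisplayName `
        -InviteRedirectUrl $InviteRedirectUrl `
        -SendInvitationMessage $false

    # Read the guest object back; UserState shows whether redemption is still pending.
    $User = Get-AzureADUser -ObjectId $Invitation.InvitedUser.Id

    [pscustomobject]@{
        Email            = $Guest.Email
        InvitationStatus = $Invitation.Status
        UserState        = $User.UserState
        RedeemUrl        = $Invitation.InviteRedeemUrl
    }
}

$Report | Format-Table Email, InvitationStatus, UserState

# Guests that still need to redeem: hand them the RedeemUrl instead of assuming access.
$Pending = $Report | Where-Object { $_.UserState -eq 'PendingAcceptance' }
foreach ($Entry in $Pending) {
    Write-Warning "$($Entry.Email) still has to redeem: $($Entry.RedeemUrl)"
}

# Tenant-wide check for guest accounts whose invitation was never redeemed.
Get-AzureADUser -All $true -Filter "userType eq 'Guest'" |
    Where-Object { $_.UserState -eq 'PendingAcceptance' } |
    Select-Object DisplayName, Mail, UserState, UserStateChangedOn
```

The final query is also useful on its own as a periodic review of guest accounts that were invited but never redeemed.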
