Resolve Azure AD External Partner Invitation Error

B

The error message "Unable to invite user user1@outlook.com - Generic authorization exception" indicates that the user Admin1 does not have the necessary permissions to invite an external partner to sign in to the Azure AD tenant. To resolve the issue, you need to assign the appropriate permissions to Admin1.

Option A: From the Roles and administrators blade, assign the Security administrator role to Admin1. This option is not the correct solution, as assigning the Security administrator role to Admin1 is not related to external partner invitation, and it may not be a suitable solution for security reasons.

Option B: From the Users blade, modify the External collaboration settings This option may be a possible solution. You can check and modify the external collaboration settings from the Azure portal to allow external partners to sign in. To do this, follow the steps below:

1. Sign in to the Azure portal using the administrator account (Admin1).
2. Navigate to Azure Active Directory > Users > User settings.
3. In the External collaboration settings, verify that the option "Guest users permissions are limited" is not selected.
4. If this option is selected, unselect it to allow external partners to sign in.
5. Save the changes and try to invite the external partner again.

Option C: From the Organizational relationship blade, add an identity provider This option is not the correct solution, as adding an identity provider to the Azure AD tenant is not related to external partner invitation.

Option D: From the Custom domain names blade, add a custom domain This option is not the correct solution, as adding a custom domain name to the Azure AD tenant is not related to external partner invitation.

In conclusion, Option B is the correct answer as it relates to the external collaboration settings that need to be adjusted to allow the external partner to sign in to the Azure AD tenant.