Big news! Microsoft has added a new preview feature to Azure AD Business to Business (B2B), its service that makes it easier for business partners to gain access to the network resources of an organization.
The feature is email one-time passcodes (OTPs), which work via a series of email exchanges.
Redmond detailed these in an announcement, revealing how this new feature works. An invitee gets an invitation containing a second code link from an organization. After the invitee clicks on the link, he or she will get a second email containing a code for gaining network access.
The code can be used for up to 30 minutes.
Once the invitee gets authenticated, the session allowing guest access is only available to an invitee within a one-day timeframe. This is a security precaution built into the service:
“Each authentication session only lasts 24 hours, after which guests have to re-authenticate with a new email OTP. This means your guests have to prove they still have access to their work email inboxes and have not left the partner company every 24 hours.”
In addition to supporting Azure AD and Microsoft Accounts, this feature also works with Google Accounts, with Redmond adding support for these last year.
Microsoft also has documentation available here, which you can dive into to take the email OTP feature for a test drive during this preview phase. After the preview, the company will turn it on by default for all tenants.