Merge pull request #221992 from csmulligan/csmulligan-exid-mto

[EXID] Update EXID doc set with MTO (ADO-55442)

Author: v-dirichards

articles/active-directory/external-identities/cross-tenant-access-settings-b2b-collaboration.md

@@ -193,6 +193,12 @@ With inbound settings, you select which external users and groups will be able t
 
 1. Select **Save**.
 
+### Allow users to sync into this tenant
+
+If you select **Inbound access** of the added organization, you'll see the **Cross-tenant sync (Preview)** tab and the **Allow users sync into this tenant** check box. Cross-tenant synchronization is a one-way synchronization service in Azure AD that automates creating, updating, and deleting B2B collaboration users across tenants in an organization. For more information, see [Configure cross-tenant synchronization](../../active-directory/multi-tenant-organizations/cross-tenant-synchronization-configure.md) and the [Multi-tenant organizations documentation](/azure/active-directory/multi-tenant-organizations).
+
+:::image type="content" source="media/cross-tenant-access-settings-b2b-collaboration/cross-tenant-sync-tab.png" alt-text="Screenshot that shows the Cross-tenant sync tab with the Allow users sync into this tenant check box." lightbox="media/cross-tenant-access-settings-b2b-collaboration/cross-tenant-sync-tab.png":::
+
 ## Modify outbound access settings
 
 With outbound settings, you select which of your users and groups will be able to access the external applications you choose. Whether you're configuring default settings or organization-specific settings, the steps for changing outbound cross-tenant access settings are the same. As described in this section, you'll navigate to either the **Default** tab or an organization on the **Organizational settings** tab, and then make your changes.

articles/active-directory/external-identities/cross-tenant-access-settings-b2b-direct-connect.md

@@ -187,6 +187,9 @@ With inbound settings, you select which external users and groups will be able t
 
 1. Select **Save**.
 
+> [!NOTE]
+> When configuring settings for an organization, you'll notice a **Cross-tenant sync (Preview)** tab. This tab doesn't apply to your B2B direct connect configuration. Instead, this feature is used by multi-tenant organizations to enable B2B collaboration across their tenants. For more information, see the [multi-tenant organization documentation](/azure/active-directory/multi-tenant-organizations).
+
 ## Modify outbound access settings
 
 With outbound settings, you select which of your users and groups will be able to access the external applications you choose. The detailed steps for modifying outbound cross-tenant access settings are the same whether you're configuring default or organization-specific settings. As described in this section, navigate to the **Default** tab or an organization on the **Organizational settings** tab, and then make your changes.

articles/active-directory/external-identities/external-identities-overview.md

@@ -29,6 +29,8 @@ The following capabilities make up External Identities:
 
 - **Azure AD B2C** - Publish modern SaaS apps or custom-developed apps (excluding Microsoft apps) to consumers and customers, while using Azure AD B2C for identity and access management.
 
+- **Azure AD multi-tenant organization** - Collaborate with multiple tenants in a single Azure AD organization via cross-tenant synchronization.  
+
 Depending on how you want to interact with external organizations and the types of resources you need to share, you can use a combination of these capabilities.
 
 ![External Identities overview diagram.](media/external-identities-overview/external-identities-b2b-overview.png)
@@ -87,6 +89,8 @@ The following table gives a detailed comparison of the scenarios you can enable
 | **Branding**  | Host/inviting organization's brand is used.  | For sign-in screens, the user’s home organization brand is used. In the shared channel, the resource organization's brand is used. | Fully customizable branding per application or organization.   |
 | **More information** | [Blog post](https://blogs.technet.microsoft.com/enterprisemobility/2017/02/01/azure-ad-b2b-new-updates-make-cross-business-collab-easy/), [Documentation](what-is-b2b.md)            |   [Documentation](b2b-direct-connect-overview.md)     | [Product page](https://azure.microsoft.com/services/active-directory-b2c/), [Documentation](../../active-directory-b2c/index.yml)       |
 
+Based on your organization’s requirements you might use cross-tenant synchronization (preview) in multi-tenant organizations. For more information about this new feature, see the [multi-tenant organization documentation](/azure/active-directory/multi-tenant-organizations) and the [feature comparison](../multi-tenant-organizations/overview.md#compare-multi-tenant-capabilities). 
+
 ## Managing External Identities features
 
 Azure AD B2B collaboration and B2B direct connect are features Azure AD, and they're managed in the Azure portal through the Azure Active Directory service. To control inbound and outbound collaboration, you can use a combination of *cross-tenant access settings* and *external collaboration settings*.
@@ -101,6 +105,8 @@ Cross-tenant access settings let you manage B2B collaboration and B2B direct con
 
 For more information, see [Cross-tenant access in Azure AD External Identities](cross-tenant-access-overview.md).
 
+Azure AD has a new feature for multi-tenant organizations called cross-tenant synchronization (preview), which allows for a seamless collaboration experience across Azure AD tenants. Cross-tenant synchronization settings are configured under the **Organization-specific access settings**. To learn more about multi-tenant organizations and cross-tenant synchronization see the [Multi-tenant organizations documentation](/azure/active-directory/multi-tenant-organizations).
+
 ### Microsoft cloud settings for B2B collaboration (preview)
 
 Microsoft Azure cloud services are available in separate national clouds, which are physically isolated instances of Azure. Increasingly, organizations are finding the need to collaborate with organizations and users across global cloud and national cloud boundaries. With Microsoft cloud settings, you can establish mutual B2B collaboration between the following Microsoft Azure clouds:
@@ -162,8 +168,13 @@ Organizations can enforce Conditional Access policies for external B2B collabora
 
 If you offer a Software as a Service (SaaS) application to many organizations, you can configure your application to accept sign-ins from any Azure Active Directory (Azure AD) tenant. This configuration is called making your application multi-tenant. Users in any Azure AD tenant will be able to sign in to your application after consenting to use their account with your application. See how to [enable multitenant sign-ins](../develop/howto-convert-app-to-be-multi-tenant.md).
 
+### Multi-tenant organizations
+
+A multi-tenant organization is an organization that has more than one instance of Azure AD. There are various reasons for [multi-tenancy](../../active-directory/multi-tenant-organizations/overview.md#what-is-a-multi-tenant-organization), like using multiple clouds or having multiple geographical boundaries. Multi-tenant organizations use a one-way synchronization service in Azure AD, called [cross-tenant synchronization](../../active-directory/multi-tenant-organizations/overview.md#cross-tenant-synchronization-preview). Cross-tenant synchronization enables seamless collaboration for a multi-tenant organization. It improves user experience and ensures that users can access resources, without receiving an invitation email and having to accept a consent prompt in each tenant. Cross-tenant synchronization is currently in preview.
+
 ## Next steps
 
 - [What is Azure AD B2B collaboration?](what-is-b2b.md)
 - [What is Azure AD B2B direct connect?](b2b-direct-connect-overview.md)
 - [About Azure AD B2C](../../active-directory-b2c/overview.md)
+- [About Azure AD multi-tenant organizations](../../active-directory/multi-tenant-organizations/overview.md)

articles/active-directory/external-identities/index.yml

@@ -85,4 +85,19 @@ landingContent:
           - text: Add a self-service sign-up user flow
             url: self-service-sign-up-user-flow.md
           - text: Define custom attributes for user flows
-            url: user-flow-add-custom-attributes.md
+            url: user-flow-add-custom-attributes.md
+  - title: Multi-tenant organizations 
+    linkLists:
+      - linkListType: overview
+        links:
+          - text: What is a multi-tenant organization in Azure AD?
+            url: ../../active-directory/multi-tenant-organizations/overview.md
+      - linkListType: concept
+        links:
+          - text: Topologies for cross-tenant synchronization
+            url: ../../active-directory/multi-tenant-organizations/cross-tenant-synchronization-topology.md
+      - linkListType: how-to-guide
+        links:
+          - text: Configure cross-tenant synchronization
+            url: ../../active-directory/multi-tenant-organizations/cross-tenant-synchronization-overview.md
+             

articles/active-directory/external-identities/media/cross-tenant-access-settings-b2b-collaboration/cross-tenant-sync-tab.png

@@ -70,6 +70,8 @@
     href: authentication-conditional-access.md
   - name: Azure AD B2C (link to documentation)
     href: ../../active-directory-b2c/overview.md
+  - name: Multi-tenant organizations documentation (link to documentation)
+    href: ../../active-directory/multi-tenant-organizations/overview.md
 - name: How-to guides
   expanded: false
   items: