Contents

Summary

A standard product or service supporting DfE facing services to authenticate user identity, where that user is a Civil Servant, contractor or managed service provider, working on behalf of Government departments.

Categories

The categories applicable to this standard are:

Architecture
  • Security Architecture
Technical
  • Security Management

Purpose

Consistent use of identity platforms provides a foundation to develop joined-up end-to-end user journeys across our services. This enables the delivery of tailored solutions and access privileges which are linked to the user’s role and aligned to their needs.

'Identity' within this standard refers to how our services utilise user identities to authenticate and authorise access to services.

B2E (Business-to-Enterprise) within this standard refers to identity segment for services provided for Civil Servants, contractors and managed service providers working on behalf of Government departments.

How to meet this standard

Apply the standard in your work.

Approved products

Approved product or service

Product or service
Microsoft Entra ID
Vendor
Microsoft
Version
Evergreen
Use-case
Guidance required from Infrastructure and Platforms team to ensure the correct tenant is used

Tolerated products

Tolerated product or service

Product or service
Azure AD B2B
Vendor
Microsoft
Version
Evergreen
Use-case
For legacy B2E guest invite implementations

Declaring conformance with this standard

Conformance with the standard must be recorded every 12 months.

Owner and contacts

Standard owner
Martin Sivorn
Chief Information Security Officer
Other point of contact
Dom Harley
Senior Product Manager