Microsoft Azure Security Technologies (AZ-500)

The action that should be taken to allow an external partner to sign into an Azure AD tenant after receiving a generic authorization exception is to modify the External collaboration settings.

In Azure Active Directory, External collaboration settings determine how external users, such as partners, collaborators, or clients, can access resources and applications. When an external partner receives an authorization exception, it typically indicates that their access needs to be properly configured within these settings. Modifying these settings allows administrators to define whether external users can be invited, how they authenticate, and what permissions they might have. This can include allowing guest accounts, setting link expiration times, or restricting access to certain resources.

Addressing external collaboration settings directly aligns with the requirements of ensuring that external partners have the necessary permissions to sign in and access required services securely. Other options, such as assigning roles, adding an identity provider, or adding a custom domain, may not specifically resolve issues related to guest access permissions within the tenant.