.net web application with internal and external users using Entra External ID

Cory Strickland 0 Reputation points
2025-02-14T00:54:57.62+00:00

I'm trying to build a single application that will be used by my organization's users as well as customers. I've been exploring Entra External ID as a method for customers to sign in/register, but it looks like I can't use cross tenant synchronization rules to bring my workforce users in so they can use the same sign in flow.

Am I using the wrong product for this app scenario or would Azure AD B2C be better? Is there a way to configure the app to have one login screen for employees and forward to Entra External's ciam portal for customers?

Developer technologies | ASP.NET | ASP.NET Core
Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Shweta Mathur 30,296 Reputation points Microsoft Employee Moderator
    2025-02-26T08:32:35.6333333+00:00

    Hi Cory Strickland,

    Thanks for reaching out, and apologies for the delayed response.

    Let me clarify the differences between Entra External ID and Azure AD B2C:

    • Azure AD B2C is Microsoft's legacy solution for customer identity and access management (CIAM).
    • Microsoft Entra External ID is a solution that supports both consumer authentication and B2B collaboration, making it suitable for a wide range of applications.

    Since you want to create a single application for both internal users (Microsoft Entra accounts) and external customers, Microsoft Entra External ID would be the recommended approach. It enables you to build sign-in experiences for both consumer- and business-facing applications.

    By default, Microsoft Entra ID and Microsoft accounts are the primary identity providers. This means that when you share your app or resources with external users, Entra ID serves as the default authentication provider. If an external user already has a Microsoft Entra account or a Microsoft account, they can sign in seamlessly without requiring additional configuration on your end.

    Reference - https://learn.microsoft.com/en-us/entra/external-id/identity-providers

    https://learn.microsoft.com/en-us/entra/external-id/external-identities-overview

    Hope this will help.

    Please let me know if you have further questions.

    Thanks,

    Shweta

    Please remember to "Accept Answer" if the answer helped you.
