Azure B2C Functionality for app being marketed to corporations

Henry Petersen 41 Reputation points
2023-02-05T18:07:04.36+00:00

I am writing a SAP that I would like to use B2C to secure. That app will require users to sign in using their company email. The email may not be part of an Azure AD tenant.

Initially I thought that my B2C tenant should be a single-tenant solution. But I am now thinking that it should be a multi-tenant solution and I invite users as guest users to my B2C tenant to enable them to access my app.

Just looking for verification that my new thought process is correct.

TIA

Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.

Accepted answer
  1. Shweta Mathur 26,721 Reputation points Microsoft Employee
    2023-02-08T11:19:37.6733333+00:00

    Hi @Henry Petersen ,

    Thanks for reaching out, and apologies for the delay in response.

    As per your query, it seems you are confusing B2B with B2C.

    Azure AD B2B and B2C are two different services that are built on the same technology but for different purposes.

    Azure AD B2B is a feature of Azure AD. It allows organizations to grant access to their applications and services for users from other tenants. From your app's perspective nothing changes. It is still the same Azure AD app. Azure AD B2B has an API which can be used to create flows for the invitation of users from another directory.

    Whereas Azure AD B2C is another service built on the same technology but not the same in functionality as Azure AD. Azure AD B2C's target is to build a directory for consumer applications where users can register with e-mail ID or social providers like Google, FB, MSA, known as Federation Gateway. The goal for Azure AD B2C is to allow organizations to manage a single directory of customer identities shared among all applications, i.e. single sign-on.

    For a B2C tenant, the recommended option is to select "Accounts in any identity provider or organizational directory (for authenticating users with user flows)". This is the most common option for apps that are exposed to your customers. You must select this option to authenticate users with Azure AD B2C user flows.

    B2B targets organizations' users while B2C targets consumers.

    Microsoft has introduced a new solution which merges B2B and B2C. It is called "External Identities". It is a mechanism to allow you to have external users, self-registration for them, and control over their process, within your Azure AD tenants.

    Reference: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/external-identities-overview

    Hope this will help.

    Thanks,

    Shweta

    Please remember to "Accept Answer" if answer helped you.


1 additional answer

  1. JimmySalian-2011 41,891 Reputation points
    2023-02-05T19:03:12.47+00:00

    Hi Henry,

    That is correct; however, I do not get what you mean by multi-tenant solution. To allow access to your application you will need to create the B2C tenant via your Azure tenant, publish your application, and create user sign-up/sign-in workflows to allow access to your app.

    Azure Active Directory B2C provides business-to-customer identity as a service. Your customers use their preferred social, enterprise, or local account identities to get single sign-on access to your applications and APIs.

    Read more in detail at the Microsoft Documentation.

    https://learn.microsoft.com/en-gb/azure/active-directory-b2c/overview

    Hope this helps.

    JS

    ==

    Please Accept the answer if the information helped you. This will help us and others in the community as well.