In Entra External ID CIAM, will it be possible to add any external identity provider without a verified domain or DNS change?

Craig 15 Reputation points
2024-05-02T17:49:38.2466667+00:00

We have various customers that have IdPs with their own companies and would like to use their identities to log in to our customer-facing applications. In Entra External ID CIAM, will it be possible to add any external identity provider without a verified domain or DNS change? It's not clear how we would federate CIAM users to an external IdP that isn't a social IdP. The lines seem blurred between CIAM and B2B at this point. In a CIAM tenant I would expect to be able to add any external IdP via SAML or OIDC without requiring a verified domain or a DNS change to make it work (this is not a partner relationship). How would I federate to Okta, for example?

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,953 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Akshay-MSFT 17,961 Reputation points Microsoft Employee
    2024-05-07T07:27:25.7266667+00:00

    @Craig

    Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are looking for advisory on adding an IDP in CIAM without a verified DNS.

    Please do correct me if this is not the ask by responding in the comments section.

    As of now we cannot federate any other identity provider with CIAM tenant apart from ones mentioned below.

    The following table compares the identity providers and methods available for primary authentication and multifactor authentication (MFA) in workforce and external tenants.

    User's image

    If you don't have any further queries and the suggestion works as per your business need. Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.

    Thanks,

    Akshay Kaushik


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.