Share via

Azure B2C to External ID missing a lot of functionality

Dean Downes 0 Reputation points
2025-05-14T03:14:23.6566667+00:00

I am looking for guidance in terms of missing functionality in the external ID for external tenant replacement for Azure B2C.

We have some complex scenarios that have been implemented in custom policies such as branched signin buttons that allow manipulation of the email address or username entered based on the button chosen.

As an example we might have 2x identites within a B2C tenant that are the same person BUT they reflect the person in different roles. Based on the button selected the email address may be ******@company.com but one identity will have the username as ******@company.com and the other ******@plumber.company.com.

The button selection is used to take the email entered and prefix the actual email address to select the correct version of the identity required in the flow.

The new External ID does not currently have any custom authentication extensions that are before the actual authentication step. Will this be something that is going to be delivered to allow more complex processing before sending the username/password to the identity store?

Dean

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sanoop M 4,310 Reputation points Moderator
    2025-05-14T09:59:56.86+00:00

    Hello @Dean Downes,

    Please note that still some features are not yet available in External tenants compared to Workforce tenants.

    Since you have mentioned about Custom authentication extensions, I am providing you the details below of what features are currently supported in Workforce and external tenants for Custom authentication extensions.

    Custom authentication extensions allow you to customize the Microsoft Entra authentication experience by integrating with external systems. A custom authentication extension is essentially an event listener that, when activated, makes an HTTP call to a REST API endpoint where you define your own business logic. The following table compares the custom authentication extensions events available in workforce and external tenants.

    User's image

    Please refer to the below document to know about what are all the currently supported features available in Workforce tenant and External tenant in Microsoft Entra External ID.

    External Tenant Features - Microsoft Entra External ID | Microsoft Learn

    I hope the above information provided is helpful. Please let me know if you have any further questions.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.