Setup b2c SSO among multiple apps options

Vikas Tiwari 766 Reputation points


We want to implement b2c SSO using custom policies on following scenario:

1) User logs into web app using b2c signin-singup policy (works fine).
2) After signin, web page displays links to call another web apps and when signed in user clicks on link, he/she should be able to access without signin using SSO.
3) One app is hosted on aws and others are hosted in azure.

I have gone through b2c SSO documentation and understood its various options to setup SSO.
I wanted to know, how to setup SSO in multi cloud env, accessing AWS webapp through B2C SSO.

Appreciate your help, if you can provide any github sample or documentation which walks through above scenario.


Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,453 questions
{count} votes

Accepted answer
  1. AmanpreetSingh-MSFT 56,096 Reputation points

    Hi @Vikas Tiwari · Thank you for reaching out.

    In order to provide SSO experience to users on multiple applications, federated with same Azure AD B2C tenant (regardless of whether applications are hosted in same or different cloud environment) you need to set SingleSignOn Scope="Tenant" parameter in the RP file as mentioned below:

       <SingleSignOn Scope="Tenant" />  

    With SingleSignOn Scope="Tenant" set, once a user signs into an application, he/she can seamlessly sign into another application upon accessing it.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

0 additional answers

Sort by: Most helpful