How to limit B2C app access?

ScottM 331 Reputation points
2020-08-07T14:04:00.053+00:00

When creating the B2C app registration in Azure you have 3 options:

"Who can use this application or access this API?

Accounts in this org directory only (My company AAD)
Accounts in any org directory (Any Azure AD Directory - Multitenant)
Accounts in any org directory or any identity provider. For authenticating users with Azure AD B2C."

I have the following B2C questions.....

  1. For B2C app, how do you limit B2C app access to my company AAD plus one other external / customer AAD?
  2. How do you restrict which users within a given AAD have access to this app?
  3. How does this contrast with limiting user app access in Azure Enterprise App?

2 answers

  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,541 Reputation points Moderator
    2020-08-10T07:19:14.64+00:00
    1. You can leverage Azure B2C Custom policies and add 2 Azure AD identity providers.
    2. Through "Restrict your Azure AD app to a set of users" in each of the Azure AD apps used by B2C for federation, hosted in each of the Azure AD identity provider tenants.
    3. Azure AD Enterprise Apps is involved with #2.
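
The restriction described in point 2 of the answer above, sketched with the Microsoft Graph PowerShell SDK as an added example (not part of the original answer): it turns on "Assignment required" for the enterprise app that B2C federates with in one identity provider tenant and assigns a single security group to it. Run it once per identity provider tenant; the tenant ID, app ID and group name are placeholders the caller supplies, and the app is assumed to define no app roles of its own.

```powershell
# Added example. All parameter values are placeholders supplied by the caller.
param(
    [Parameter(Mandatory)] [string] $TenantId,         # IdP tenant hosting the federation app
    [Parameter(Mandatory)] [string] $FederationAppId,  # client_id that B2C uses for this tenant
    [Parameter(Mandatory)] [string] $AllowedGroupName  # security group allowed to sign in
)

Connect-MgGraph -TenantId $TenantId -Scopes @(
    'Application.ReadWrite.All', 'AppRoleAssignment.ReadWrite.All', 'Group.Read.All')

# The enterprise app is the service principal of the app registration in this tenant.
$sp = Get-MgServicePrincipal -Filter "appId eq '$FederationAppId'"
if (-not $sp) { throw "No service principal for app $FederationAppId in tenant $TenantId" }

# Resolve the group first so a typo cannot lock everyone out after the switch is flipped.
$group = @(Get-MgGroup -Filter "displayName eq '$AllowedGroupName'")
if ($group.Count -ne 1) { throw "Expected exactly one group named '$AllowedGroupName', found $($group.Count)" }

# Assumption: the app defines no app roles, so the built-in default access role applies.
$defaultAccessRole = '00000000-0000-0000-0000-000000000000'

# Assign the group unless it is already assigned (keeps the script re-runnable).
# Group-based assignment needs a directory licence that supports it; assign users otherwise.
$assigned = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All |
    Where-Object { $_.PrincipalId -eq $group[0].Id }
if (-not $assigned) {
    New-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id `
        -PrincipalId $group[0].Id -ResourceId $sp.Id -AppRoleId $defaultAccessRole | Out-Null
}

# Equivalent to "Assignment required? = Yes" on the enterprise app's Properties blade:
# unassigned users in this tenant are refused a token for the federation app.
Update-MgServicePrincipal -ServicePrincipalId $sp.Id -AppRoleAssignmentRequired:$true

# Review who can now sign in through this identity provider.
Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All |
    Select-Object PrincipalDisplayName, PrincipalType
```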

  2. Robert 1 Reputation point
    2021-05-30T13:27:51.877+00:00

    Does #2 imply that each of your application tenants requires a separate Azure AD tenant with a subscription to manage users/roles?

