We are building an application, and as part of it want to be able to grant users access to certain Azure resources, which requires them having an AAD user.
We are currently using Auth0 to authenticate users, which has the great advantage of being able to use external authentication such as LinkedIn. We are prepared to change this if there is a better solution.
Azure B2C seemed like a good option, as this does something similar, but in our testing we found that while an AAD user is created, we are unable to assign IAM permissions to these users to grant them access to resources. Is this correct?
The other approach we have is to simply create an AAD user for people who log into our app, but we want to avoid people needing two sets of authentication, and instead provide a more SSO solution. Is there a better approach that we have missed?