Supported Azure Active Directory features
An Azure Active Directory B2C (Azure AD B2C) tenant is different than an Azure Active Directory (Azure AD) tenant, which you may already have, but it relies on it. The following Azure AD features can be used in your Azure AD B2C tenant.
| Feature | Azure AD | Azure AD B2C |
|---|---|---|
| Groups | Groups can be used to manage administrative and user accounts. | Groups can be used to manage administrative accounts. You can't perform group-based assignment of enterprise applications. |
| Inviting External Identities guests | You can invite guest users and configure External Identities features such as federation and sign-in with Facebook and Google accounts. | You can invite only a Microsoft account or an Azure AD user as a guest to your Azure AD tenant for accessing applications or managing tenants. For consumer accounts, you use Azure AD B2C user flows and custom policies to manage users and sign-up or sign-in with external identity providers, such as Google or Facebook. |
| Roles and administrators | Fully supported for administrative and user accounts. | Roles are not supported with consumer accounts. Consumer accounts don't have access to any Azure resources. |
| Custom domain names | You can use Azure AD custom domains for administrative accounts only. | Consumer accounts can sign in with a username, phone number, or any email address. You can use custom domains in your redirect URLs. |
| Conditional Access | Fully supported for administrative and user accounts. | A subset of Azure AD Conditional Access features is supported with consumer accounts Learn how to configure Azure AD B2C conditional access. |
| Premium P1 | Fully supported for Azure AD premium P1 features. For example, Password Protection, Hybrid Identities, Conditional Access, Dynamic groups, and more. | Azure AD B2C uses Azure AD B2C Premium P1 license, which is different from Azure AD premium P1. A subset of Azure AD Conditional Access features is supported with consumer accounts. Learn how to configure Azure AD B2C Conditional Access. |
| Premium P2 | Fully supported for Azure AD premium P2 features. For example, Identity Protection, and Identity Governance. | Azure AD B2C uses Azure AD B2C Premium P2 license, which is different from Azure AD premium P2. A subset of Azure AD Identity Protection features is supported with consumer accounts. Learn how to Investigate risk with Identity Protection and configure Azure AD B2C Conditional Access. |
| Data retention policy | Data retention period for both audit and sign in logs depend on your subscription. Learn more about How long Azure AD store reporting data. | Sign in and audit logs are only retained for seven (7) days. If you require a longer retention period, use the Azure monitor. |
| Go-Local add-on | Azure AD Go-Local add-on enables you to store data in the country/region you choose when your Azure AD tenant. | Just like Azure AD, Azure AD B2C supports Go-Local add-on. |
Note
Other Azure resources in your tenant:
In an Azure AD B2C tenant, you can't provision other Azure resources such as virtual machines, Azure web apps, or Azure functions. You must create these resources in your Azure AD tenant.
Feedback
Submit and view feedback for