Azure External Identities

Microsoft External Identities enable organizations to securely manage access for users who are outside their organization, such as customers, partners, or other businesses. External identities can be categorized into B2B (Business-to-Business) and B2C (Business-to-Consumer).

---

1. B2B (Business-to-Business)

B2B allows organizations to collaborate securely with external partners, contractors, or other businesses.

Key Features:

• Invitation-Based Access: External users (partners, contractors) are invited via email. They accept the invitation to access shared resources.

• Redemption: The external user redeems the invitation by clicking a link to authenticate with their own credentials.

• External User Management via APIs:

  • Invitation API: Send and track external user invitations.

  • Access Reviews API: Review and manage external user access.

How It Works:

1. An admin invites an external user via Azure AD B2B.

2. The external user receives an email invitation with a redemption link.

3. The external user accepts the invitation, authenticates, and gains access to resources.

Advantages:

• Secure collaboration using external credentials.

• Granular access control and permissions.

• Scalable to manage large numbers of external users.

---

2. B2C (Business-to-Consumer)

B2C enables organizations to manage authentication for consumer-facing applications, allowing customers to sign up and log in with their own identities.

Key Features:

• Self-Service Sign-Up and Sign-In: Customers can register and sign in using their social accounts (Facebook, Google, etc.) or local accounts (email/password).

• Customizable User Journeys: Design and customize sign-up, sign-in, and profile management flows.

• Integration with External Identity Providers: Customers can log in with external services like Google or Facebook.

How It Works:

1. Customers sign up or log in using social or local identities.

2. Custom user journeys can be set up to tailor the authentication process (e.g., multi-factor authentication).

3. Customers gain access to your application or service.

Advantages:

• Simplified authentication for customers using existing identities.

• Scalable for millions of consumers.

• Flexible customization of the user experience.

B2B vs. B2C Comparison

User Type	External business users (partners, vendors)	External customers (end-users)
Authentication	Existing business identities (Azure AD, Google)	Social or local identities (Facebook, Google, email/password)
Invitation Process	Invitation-based access	Self-service sign-up and sign-in
User Journey	Simple access and permission management	Customizable sign-up and authentication flows
Target Audience	Business partners or contractors	Individual consumers accessing services
Typical Use Case	Share resources (apps, data) with external businesses	Provide access to consumer applications or services