Azure External Identities

Microsoft External Identities enable organizations to securely manage access for users who are outside their organization, such as customers, partners, or other businesses. External identities can be categorized into B2B (Business-to-Business) and B2C (Business-to-Consumer).


1. B2B (Business-to-Business)

B2B allows organizations to collaborate securely with external partners, contractors, or other businesses.

Key Features:

  • Invitation-Based Access: External users (partners, contractors) are invited via email. They accept the invitation to access shared resources.

  • Redemption: The external user redeems the invitation by clicking a link to authenticate with their own credentials.

  • External User Management via APIs:

    • Invitation API: Send and track external user invitations.

    • Access Reviews API: Review and manage external user access.

How It Works:

  1. An admin invites an external user via Azure AD B2B.

  2. The external user receives an email invitation with a redemption link.

  3. The external user accepts the invitation, authenticates, and gains access to resources.
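The invite-and-track flow above, as an added example (not code from this page or from Microsoft): it builds the request body for Microsoft Graph's `POST /invitations` and then flags guests whose invitation is still unredeemed, using the `externalUserState` fields of the Graph user resource. The domain allowlist, the 30-day threshold and the sample user records are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Assumption: partner domains approved for collaboration (constructed values).
ALLOWED_DOMAINS = {"partner.example", "contractor.example"}


def build_invitation(email, redirect_url, allowed=ALLOWED_DOMAINS):
    """Body for POST /invitations; refuse invitees outside the allowlist."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or domain.lower() not in allowed:
        raise ValueError(f"invitee domain not on allowlist: {email!r}")
    return {
        "invitedUserEmailAddress": email.strip(),
        "inviteRedirectUrl": redirect_url,  # where the guest lands after redemption
        "sendInvitationMessage": True,      # Graph sends the redemption email
    }


def stale_pending_guests(users, now, max_age_days=30):
    """UPNs of guests whose invitation is still unredeemed after max_age_days."""
    cutoff = now - timedelta(days=max_age_days)
    stale = []
    for u in users:
        if (u.get("userType"), u.get("externalUserState")) != ("Guest", "PendingAcceptance"):
            continue  # not a guest, or the invitation was already redeemed
        changed = datetime.fromisoformat(
            u["externalUserStateChangeDateTime"].replace("Z", "+00:00"))
        if changed < cutoff:
            stale.append(u["userPrincipalName"])
    return stale


# Constructed records shaped like the Graph user resource (not real tenant data).
SAMPLE_USERS = [
    {"userPrincipalName": "alice_partner.example#EXT#@contoso.onmicrosoft.com",
     "userType": "Guest", "externalUserState": "Accepted",
     "externalUserStateChangeDateTime": "2024-01-05T10:00:00Z"},
    {"userPrincipalName": "bob_partner.example#EXT#@contoso.onmicrosoft.com",
     "userType": "Guest", "externalUserState": "PendingAcceptance",
     "externalUserStateChangeDateTime": "2024-01-10T09:30:00Z"},
    {"userPrincipalName": "carol_contractor.example#EXT#@contoso.onmicrosoft.com",
     "userType": "Guest", "externalUserState": "PendingAcceptance",
     "externalUserStateChangeDateTime": "2024-02-20T14:00:00Z"},
    {"userPrincipalName": "admin@contoso.onmicrosoft.com", "userType": "Member"},
]

if __name__ == "__main__":
    print(stale_pending_guests(SAMPLE_USERS, datetime(2024, 3, 1, tzinfo=timezone.utc)))
```

Guests returned by `stale_pending_guests` are candidates for re-invitation or removal during an access review.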

Advantages:

  • Secure collaboration using external credentials.

  • Granular access control and permissions.

  • Scalable to manage large numbers of external users.


2. B2C (Business-to-Consumer)

B2C enables organizations to manage authentication for consumer-facing applications, allowing customers to sign up and log in with their own identities.

Key Features:

  • Self-Service Sign-Up and Sign-In: Customers can register and sign in using their social accounts (Facebook, Google, etc.) or local accounts (email/password).

  • Customizable User Journeys: Design and customize sign-up, sign-in, and profile management flows.

  • Integration with External Identity Providers: Customers can log in with external services like Google or Facebook.

How It Works:

  1. Customers sign up or log in using social or local identities.

  2. Custom user journeys can be set up to tailor the authentication process (e.g., multi-factor authentication).

  3. Customers gain access to your application or service.

Advantages:

  • Simplified authentication for customers using existing identities.

  • Scalable for millions of consumers.

  • Flexible customization of the user experience.

B2B vs. B2C Comparison

| Aspect | B2B | B2C |
| --- | --- | --- |
| User Type | External business users (partners, vendors) | External customers (end-users) |
| Authentication | Existing business identities (Azure AD, Google) | Social or local identities (Facebook, Google, email/password) |
| Invitation Process | Invitation-based access | Self-service sign-up and sign-in |
| User Journey | Simple access and permission management | Customizable sign-up and authentication flows |
| Target Audience | Business partners or contractors | Individual consumers accessing services |
| Typical Use Case | Share resources (apps, data) with external businesses | Provide access to consumer applications or services |
