How can we improve Azure Active Directory?

← Azure Active Directory

Can i use Azure AD B2B collaboration together with Azure AD B2C within one tenant?

For external customers we will use Azure AD B2B to login in and for external users (from custom domains i.e. Hotmail.com, Outlook.com) we would like to use Azure AD B2C to log on.

So, one tenant with Azure AD B2B extension and Azure B2C extension coexisting.

34 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Etienne shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

4 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Artur Anbild commented  ·   ·  Flag as inappropriate

    MY company has a large network of customers, vendors and contractors. We decided to use Azure B2B as the main federation mechanism, but we have a strong need to support social logins as well. Combination of B2B and B2C in one tenant would be ideal in our case.

  • Nick commented  ·   ·  Flag as inappropriate

    I would also like to see this.

    Azure B2B is great for partners with a properly configured AAD Tenant.

    However many organisations do not have this. Using B2B then just in time provisions accounts for these user. These creates an account where no one is owning the JML process. (We assume the guests organizational will manage it, that organization has no idea the account exists)

    B2C, with custom policies, gives us more control over re-certification and approval processes.

    It would be great to use B2C to login to office365 and enterprise applications registered in an organization AAD

  • Alex Bedig commented  ·   ·  Flag as inappropriate

    One use case is streamlining the migration from an internal app to a customer-facing one. As it stands today, there are different customer records and a migration and synchronization process between the two tenants that must be addressed by the developer, i.e. it is not "you have users in your directory, now we can create a different authentication path and support the same user accounts via configuration." This would reduce friction in using B2B's invitation system as an entry point for partners while doing early betas (super easy to get started), prior to rolling out with B2C as the primary front door to the commercial offering.

  • Neil G. commented  ·   ·  Flag as inappropriate

    Or alternatively if we could use the Office 365 azure primary tenant AD for Org based auth and B2B user auth, and then Trust/Link to a 2nd azure AD in same tenant for B2C.

    Or if the Primary Azure AD could use B2B to invite security groups in the B2C AD....

    Something like that would work for me.

Azure Active Directory: B2B

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice