Do I need to use Azure AD B2B or B2C?


We are building an application (Azure website) where we want people to be able to log in with local accounts (created in Azure) but also with their Office365 account. Of course, it would be great if we could add Google Workspace etc. to enable SSO.

What we like about Azure AD B2C is that you can set up your own login flows for login, password reset etc. I don’t think the same thing seems to exist in Azure AD B2B.

So should we use Azure AD B2B or B2C or B2B with External Identities?

Our requirements:

  • Support for local logins
  • Support for Microsoft work accounts (Office365)
  • I hope this helps! Let me know if you have any other questions
  • Use login flow if possible (only B2C?)

So not sure if I should go for B2B or B2C (default only MS personal accounts).

I think it’s really hard to figure out the difference between B2B and B2C (of course by the name it should be against business/consumers).

https://learn.microsoft.com/en-us/azure/active-directory/external-identities/what-is-b2b

https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview

2

There are 2 best solutions below

2
rbrayb On

Agree it's confusing, especially as Entra External ID (CIAM) is in the mix.

You could use B2C and set up O365 as an external IDP.

Then you could log in with local B2C accounts, O365 accounts and any other OIDC-based / SAML accounts.

0
Erik Oppedijk On

Read up on the CIAM preview, where Microsoft is integrating B2C with B2B: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/microsoft-entra-external-id-public-preview-developer-centric/ba-p/3823766

This will solve the choice between B2B and B2C in the future; however, it currently still needs a separate tenant.