The difference in authentication between Azure Active Directory B2B and B2C

Azure Active Directory (Azure AD) is Microsoft’s identity provider for the PowerApps portal. I wrote about this in a previous blog. There are multiple ways to deploy Azure AD within the portals and today I’m going to highlight Azure AD B2B and Azure AD B2C.

Choose between Azure AD B2B or B2C

When making a choice between B2B or B2C, it is wise to think about how you will use the Portal, what the situation is in your organization and the trade-off between the advantages and disadvantages of the different methods. I’ll list them for you.

Azure AD is Microsoft’s cloud-based identity and access management service that lets you sign in and access all of your resources. Looking at Azure AD B2B, you can create guest users and external partners while retaining control over your own data. With Azure AD B2B you invite guest users, while the guest users keep their own login details. This makes it easier to maintain accounts and passwords.

Azure AD B2C, on the other hand, allows you to control how users sign up, log in, and manage their profiles. When you use Azure AD B2C, you create a separate Directory in which all external users are stored. In this way, there is a clear separation between internal employees who use your Active Directory and external users who use AD B2C. At the same time, you can enforce different types of security settings, such as MFA or password strength.

Automate Create Portal User Setup

The necessary settings can be automated in Azure. As a solution, in the Dynamics 365 application you use, you can configure a button which sends automatically a Portal invitation to partners or customers. When clicked, this button activates a Power Automation that performs several steps. First of all, with the data of the invited Portal user with Microsoft Graph API, you can create a new user in the Azure Directory (B2C) or send an invitation so that the user (B2B) can log in with their own credentials.