Implementing and managing identity securely and efficiently is crucial for your applications. Microsoft offers a variety of external identity solutions designed to cater to different end-user segments, including external business partners, consumers, and business customers.

In this third blog post of the series, we explore both new and existing solutions. Our goal in this blog post is to provide you with helpful, scenario-based guidance so you can confidently select the option best suited to your needs.

We focus on Microsoft Entra External ID, a solution that makes secure and customizable identity management simple. While External ID supports many external identity scenarios, these are two of the most common we see with customers:

• To manage customer identity and access, use External ID to quickly add authentication to your consumer applications.
  • This scenario requires a Microsoft Entra tenant with an external configuration.
• To enable employees to collaborate with business partners and guests, use External ID for B2B collaboration. Grant secure access to enterprise apps and resources via invitation or self-service sign-up.
  • This scenario requires a Microsoft Entra tenant with a workforce configuration.

Note: There are some key feature differences across external and workforce tenants. For a detailed comparison of tenant-specific features and capabilities, see our docs.

External identity key features

A range of capabilities are available in solutions we look at in this blog post, including the ability to:

• Customize the look and feel of the sign-up and sign-in experience
• Add bespoke business logic and retrieve user data
• Provide self-service account management
• Allow users to sign up with their social identities (such as using Google or Facebook)
• Analyze user activity

Note: The above capabilities are available at various stages of release, depending on the product, and some are exclusive to a particular solution. We recommend referring to product-specific documentation below to explore the most up-to-date information on available features and functionality.

External identity use cases

Securing customer-facing applications

Microsoft Entra External ID

Microsoft Entra External ID is our latest, next-generation, developer-friendly customer identity and access management (CIAM) solution, enabling you to quickly integrate identity into customer-facing applications. It represents the convergence of Microsoft Azure Active Directory (AD) B2C (see below) features into the Microsoft Entra platform.

You benefit from enhanced security and the ability to efficiently scale your identity and access management processes. It also provides a streamlined and intuitive user and developer experience, as well as useful developer tools and documentation.

To explore Microsoft Entra External ID features and capabilities for CIAM, see our docs. To jump straight in and start building a sample app, see our get started guide.

Azure AD B2C

Azure AD B2C is our existing CIAM solution—supporting millions of users and billions of authentications daily.

To explore Azure AD B2C features and capabilities, see our docs.

Choosing between External ID and Azure AD B2C

Use the next generation Microsoft Entra External ID platform, if:

• You’re starting fresh, building identity into your application, or you’re in the early stages of product discovery and its current features meet your requirements.
• The benefits of rapid innovation, new features, and added capabilities are a priority.

Use Azure AD B2C, if:

• External ID doesn’t currently meet your needs.

Inviting external guests to collaborate with your workforce

External ID B2B collaboration

Microsoft Entra External ID includes collaboration capabilities that enable an organization’s workforce to work securely with external business partners and guests, even if they don’t have Microsoft Entra ID or an IT department. A simple invitation process lets organization partners use their own credentials, via a self-service sign-up experience, to access a company’s resources.

You can use External ID B2B APIs to customize the invitation process or write applications like self-service sign-up portals.

To explore External ID B2B collaboration features and capabilities, see our docs. For a list of commonly asked questions, see our External ID B2B collaboration FAQs.

Azure AD B2B collaboration

Azure AD B2B functionality, allowing external business partners and guests to collaborate with an organization, has been rebranded and is now part of Microsoft Entra External ID as External ID B2B collaboration (see above).

FAQs

Is Microsoft Entra External ID a new name for Azure AD B2C?

• No, it’s not a new name for Azure AD B2C. Microsoft Entra External ID is our next generation CIAM solution that combines CIAM use cases and B2B collaboration features into one unified platform.

How does Microsoft Entra External ID improve upon Azure AD B2C?

• Microsoft Entra External ID represents the convergence of Microsoft Azure AD B2C features into the broader Microsoft Entra platform, offering enhanced security, scalability, and compliance. It provides a more intuitive user experience with improved self-service capabilities, and a more comprehensive developer experience through better tools and documentation.

How is External ID licensed?

• Microsoft Entra External ID pricing is based on monthly active users (MAU), which is the count of unique users with authentication activity within a calendar month. External ID consists of a core offer and premium add-ons.

I’m a developer, where can I get started with External ID?

• You can find the latest resources and information for developers in our Developer Center.
  • Create an external tenant and follow our quick start guides to set up a tenant and run your first sample.
  • Use our tutorials to learn how to build and integrate your consumer and business customer apps with External ID.
  • Use the Microsoft Entra External ID extension for Visual Studio Code. This extension offers a seamless, guided experience that enables you to create and configure a sample External ID application entirely from within VS Code.
  • Use the Microsoft Entra External ID integration with Azure App Service. Learn how to quickly enable authentication for your customer-facing web apps running on Azure App Service and limit access to users in your organization.

Visit our docs for a more comprehensive list of frequently asked questions on Microsoft Entra External ID.

Let’s recap

Choosing the right identity management solution is pivotal to ensuring security, enhancing the user experience, and maintaining operational efficiency. Microsoft Entra External ID, Azure AD B2C, and External ID B2B collaboration serve different needs, from managing business partner collaborations to providing seamless external customer interactions.

Microsoft Entra External ID stands out with its unified approach, integrating advanced security, compliance, and scalability features from the Entra platform, while also offering an intuitive user and developer experience.

Stay connected and informed

To learn more about Microsoft Entra External ID and explore further resources, visit our developer center. Stay updated on the latest developments by subscribing to the Identity developer blog and following us on YouTube for video overviews, tutorials, and deep dives.