In this post, I discuss the features of Azure Active Directory B2B (AAD B2B) and Azure Active Directory B2C (AAD B2C), the differences between them and when to use one vs the other.
AAD B2B
In B2B, the B stands for Business. AAD B2B allows external organizations to connect to your apps. For instance, AAD B2B has features to automatically manage the user based on the user’s identity, offshore the management to the original organization from where the user’s identity comes from, or let the user self manage the account. Examples of what you can do with AAD B2B:
- Use Dynamic Groups to automatically assign a user to a group based on attributes such as the user’s email, userType, companyName etc …
- Allow a user to self manage the account or request access to applications via MyApps portal.
- Allow a user to sign in once to use applications which the user has access.
- Delegate access management to application and group owners. For example, you can register an application and grant a group access to the application. The group’s owner can add other users to the group. Effectively, you delegate the access management to the group’s owner who may belong to your organization or an external organization.
- Allow the host organization to enforce access…
