Share via

Azure AD B2C vs External ID

Learner-6009 0 Reputation points
2025-02-26T23:36:13.7733333+00:00

I’m trying to find answers regarding the transition from Azure AD B2C to Microsoft Entra External ID, and it would be great if someone could shed some light on this, especially considering the recent announcement that new Azure AD B2C tenants will no longer be created after May 1, 2025.

  1. Advantages, Disadvantages, and Limitations of Microsoft Entra External ID vs. Azure AD B2C
    • Can you point me to a detailed comparison table outlining the advantages, disadvantages, and key limitations of Microsoft Entra External ID versus Azure AD B2C? For example,

Azure Ad B2cExternal IdCustom PolicyNot supportedWhat is the alternative to support all scenarios of custom policyMFA Using Authenticator App?1. Federation with Other Identity Providers and Custom Logic Support

  • Will Microsoft Entra External ID support federation with other identity providers using both SAML2 and OIDC protocols?
  • What is the level of support for custom logic and complex workflows currently implemented in Azure AD B2C custom policies? Will organizations be able to replicate these advanced scenarios seamlessly in Microsoft Entra External ID?
  1. Service Availability by Region
    • Could you provide a list of regions where Microsoft Entra External ID is currently available?
    • For organizations operating in regions where Microsoft Entra External ID is not yet supported, what alternative solutions does Microsoft recommend after May 1, 2025, when the creation of new Azure AD B2C tenants is no longer allowed?
  2. Migration Path from Azure AD B2C to Microsoft Entra External ID
    • Is there currently a defined and automated migration path for transitioning from Azure AD B2C to Microsoft Entra External ID?
    • If not, when can we expect such a migration solution to be available?
    • What best practices or phased strategies do you recommend for organizations planning to migrate while maintaining business continuity?
  3. Impact on Business Models Requiring New B2C Tenants
    • In some scenario, a business might create a new Azure AD B2C tenant for each client's use. However, with the announcement that new B2C tenants cannot be created after May 1, 2025, this could pose a significant operational concern for clients who rely on this model
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
3,058 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,426 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Navya 15,800 Reputation points Microsoft Vendor
    2025-02-27T02:56:21.8233333+00:00

    Hi @Learner-6009

    Thank you for posting this in the Microsoft Q&A forum.

    To clarify, Azure AD B2C will continue to be supported until at least May 2030 for existing customers. However, starting May 1, 2025, new customers will no longer be able to purchase Azure AD External Identities P1 and P2. Existing Azure AD B2C tenants will remain fully operational, including the ability to create new tenants or user flows.

    Comparison: Azure AD B2C vs. Microsoft Entra External ID (CIAM)

    Feature Azure AD B2C Microsoft Entra External ID (CIAM)
    Custom Policies Supports complex XML-based custom policies Not supported, but designed to handle equivalent use cases with simpler configurations
    User Flows Available Available, with improved experience
    UI Customization Full control over HTML and CSS Limited to branding and styling options
    Identity Provider Federation Supports OIDC & SAML Supports OIDC, SAML, WS-Fed, and social logins (Google, Facebook, Apple, etc.)
    Security & Compliance Standard security policies Enhanced security with risk-based authentication & adaptive access
    Developer Experience XML-based configurations More intuitive and low-code/no-code approach

    For more information Supported features in Microsoft Entra External ID

    Microsoft Entra External ID supports federation with other identity providers using SAML2, OIDC, and WS-Fed protocols.

    Regarding custom logic and complex workflows, custom policies are not supported in Microsoft Entra External ID. However, the platform is designed to offer equivalent capabilities through built-in user flows, API connectors, and extensibility options.

    Microsoft Entra External ID is a customer identity and access management (CIAM) solution that stores and manages data in a separate tenant created for your customer-facing apps and customer directory data. This tenant is called the external tenant. When you create an external tenant, you have the option to select the geographic location for data storage.

    Currently, there is no automated migration process publicly available. The migration solution is under testing and will be released for public preview in the future.

    For updates on its availability, please follow: Microsoft Entra External ID: What's New.

    For organizations that currently create a new Azure AD B2C tenant for each client, the inability to create new tenants after May 1, 2025, may impact operations. Businesses that heavily depend on creating new B2C tenants for each client may need to reevaluate their operational processes and business models. They might need to consider alternative approaches or solutions to accommodate this change. You can consider alternative approach as Microsoft Entra External ID if strict tenant separation is required.

    Hope this helps. Do let us know if you any further queries.

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.