This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 16%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Based on our understanding of the Azure AD B2C, below are the possible options to invite external users to setup an Azure AD B2C (Local account) using user flows:
Are there better ways to invite users without directly sending signup flow link or setting up a temporary password?
Hey Shamayel,
U can try sending custom email invites with a link to the sign-up flow, so users can kick things off themselves. If u wanna get fancy, u can use Azure AD B2C’s custom policies and APIs to build a more seamless experience like an API that shoots an invite link straight to their email.
Other option is to enable self service sign-up in ur user flow, letting users register on their own without needing an invite. U can tweak the flow to add any extra checks or approvals u need. If u’re using Microsoft Entra External ID, that can help manage external identities more easily and cut down on the hassle.
and don’t forget about third party identity providers like Google or Facebook. Letting users sign up with their existing accounts can save u a ton of manual work. Just pick the method that vibes best with ur setup and keeps things easy for ur users.
rgds,
Alex
Hey Shamayel,
U can try sending custom email invites with a link to the sign-up flow, so users can kick things off themselves. If u wanna get fancy, u can use Azure AD B2C’s custom policies and APIs to build a more seamless experience like an API that shoots an invite link straight to their email.
Other option is to enable self service sign-up in ur user flow, letting users register on their own without needing an invite. U can tweak the flow to add any extra checks or approvals u need. If u’re using Microsoft Entra External ID, that can help manage external identities more easily and cut down on the hassle.
and don’t forget about third party identity providers like Google or Facebook. Letting users sign up with their existing accounts can save u a ton of manual work. Just pick the method that vibes best with ur setup and keeps things easy for ur users.
rgds,
Alex
Hi @Alex Burlachenko ,
Thank you for providing options.
We need to ensure that only invited users, whether they signed up using Email ID and password or through OpenID Connect, can sign up to Azure AD B2C. In other words, only users who receive an invitation from our application should have the option to sign up.
Is there any way we can send a sign-up flow link that includes the email ID, so that users can only sign up with the invited email ID? Currently, when we send the sign-up user flow endpoint to users, they have the ability to enter any email ID and register in B2C, which is not what we want.
Shamayel hi again :)
u can use custom policies in b2c. these let u tweak the sign-up process big time. u can set it up so it checks if the email’s in a pre-approved list, like a db or somethin’. if the email ain’t in the list, boom, no sign-up for ‘em.
another trick is to pre-fill the email in the sign-up link. like, u send ‘em a link with their email already in it, so they can’t change it. u just add the email as a query param in the url, somethin’ like https://yourtenant.b2clogin.com/yourtenant.onmicrosoft.com/oauth2/v2.0/authorize?client_id=yourclientid&response_type=code&scope=openid&redirect_uri=yourredirecturi&email=inviteduser@example.com. then, in the custom policy, u grab that email and auto-fill it in the form. make sure they can’t edit it, tho.
or, u can go the invitation code route. u generate a unique code for each invite, stash it in a db, and send it to ‘em in the link. when they hit the sign-up flow, u ask for the code and check if it matches the one in the db. no match? no sign-up.
if all ur invited users are from specific domains, like ur company domain, u can just restrict sign-ups to those domains. u can do this in the user flow settings or with custom policies.
lastly, if u can’t lock it down during sign-up, u can do it after. once they sign up, u check if their email’s in the invited list. if not, u just disable or delete their account.
so yeah, u got options. custom policies, pre-filled emails, invitation codes, domain restrictions, or post-sign-up checks.
rgds,
Alex
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 68%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKS%3C/text%3E%3C/svg%3E)
Hi @Shamayel,
Thank you for posting your query on Microsoft Q&A. I am Saiteja from Q&A will be assisting you with your query.
Based on your query, I understand you would like to have sign up for specific audience.
In addition to @Alex Burlachenko I would like to add my points to make it easy with a different method.
Since you would like to have sign up for specific audience, you can create a custom attribute and import it to the user flow to restrict the sign up.
Here is the GitHub document to check if this can help you achieving your end goal: active-directory-node-b2c-user-flow-invitation-code.
Here is another possible way to send the email address as ID token hint which allows users to create their account: SignUp with email invitation
I hope this information is helpful. Please feel free to reach out if you have any further questions.
If the answer is helpful, please click "Accept Answer" and kindly "upvote it". If you have extra questions about this answer, please click "Comment"
Hi @Shamayel,
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.