Identity Focus

Entra External ID

For new CIAM (customer identity) projects, Microsoft now recommends using the next-generation platform – Microsoft Entra External ID, which unifies B2B and B2C scenarios

B2B

Business-to-Business (B2B) scenarios are typically directed at partners. In this model, guest users are added to your tenant—these could be users from other Entra ID tenants, Microsoft accounts, Gmail, etc. Once invited, these external users can collaborate and access resources within your environment.

Licensing model:
The billing works on a 1:5 ratio. For every 1 user licensed with Entra ID P1 or P2, you can have up to 5 guest users with the same level of access and functionality.

Key points:

  • Guests are added via invitation.
  • Their accounts exist as objects within your tenant.

B2C

Business-to-Consumer (B2C) is targeted at customer-facing applications. Unlike B2B, you generally don’t want customer identities residing in your primary tenant. Instead, you set up a separate B2C tenant, allowing customers to sign in with:

  • Social identities (e.g., Google, Facebook)
  • Local accounts (created specifically for them)

Customization:
You can fully tailor the user experience — from user flows and CSS to the onboarding process.

Billing model:
Based on Monthly Active Users (MAU) — i.e., the number of users who have authenticated in a given month.
Note: Multi-Factor Authentication (MFA) may incur additional costs.

Microsoft Entra External ID

Microsoft Entra ExternalID consolidates both B2B and B2C under one umbrella — though with a strong focus on B2B. The most significant enhancements currently lie in the B2B space through Entitlement management (Access packages)

Found under Entra ID > Identity Governance > Entitlement Management, this feature allows you to manage access to internal resources (e.g., Teams, SharePoint, Groups) for external partners.

Billing for external identities can also be calculated based on monthly active users (MAU) and multi-factor authentication (MFA) usage, managed via a “Linked subscription” within the External Identities settings

Future of B2C?

Microsoft is pushing Entra External ID for both B2B and some B2C-like scenarios, especially for business Enterprise apps that serve external users. (B2C will remain unchanged under external Identities)

“Effective May 1, 2025, Azure AD B2C will no longer be available to purchase for new customers. Microsoft Entra External ID represents the future of CIAM for Microsoft, and new features and capabilities will be focused on this platform.”