B2B or B2C – That is the question…
Microsoft technologies such as Azure AD B2B and Azure B2C hold out the promise of being able to seamlessly allow third parties to access information in your corporate cloud. For the most part this is true – but there is some significant confusion around which of these technologies should be used.
Let’s clarify this confusion once and for all.
To start, the similarities are right there in the names:
- B2B (Business to Business), and
- B2C (Business to Consumer).
Both products enable your business to effectively collaborate with an “external” entity. External means something – in this case a person – that is not part of your organization.
Speaking of external, it is important to differentiate between Partners and Consumers. Business Partners and Consumers are both external entities but sometimes the lines are blurred when it comes to differentiating between the two. How does a Business “Consumer” differ from a Business “Partner”?
Typically, a Consumer is someone who purchases your goods or services, and a Partner is someone who cooperates with you to enable the goods and services.
The above definition of Consumers and Partners is where the difference begins between the Azure AD B2B and B2C products.
Next, let’s look at some use case examples for each product.
LOB (Line of Business) applications that require collaboration between your employees and business partners, are best integrated with the Azure AD B2B product.
However, Consumer facing applications, which keep user accounts in an isolated directory and require ability to customize the user experience, are best integrated with Azure AD B2C product.
Another way of differentiating Azure AD B2B and B2C products is by looking at the underlying technology for each.
Azure AD B2B is not a product on its own, but is a feature of the corporate Azure AD, or rather the Azure AD authentication service, federated with other Azure AD tenants like Microsoft Accounts (MSA) and, more recently, Gmail. Federated authentication transfers the identity management responsibility to the business partner organization, still allowing granular conditional access control to your LOB applications.
Azure AD B2C is a standalone authentication service product from Microsoft, that just happens to be using an independent instance of Azure AD as identity storage. Azure AD B2C also allows complete customization of end user experience, such as custom branded UI, self-service profile and password management.
Another big differentiator for Azure AD B2C is the ability to allow social identity authentication, this mean using your social accounts like Gmail, Facebook, Twitter etc. to authenticate your identity. As a bonus, this allows extending authentication to employees by federating with your corporate Azure AD.
In summary, Azure AD Business to Business (B2B) is focused on collaboration between two different companies so people can interact and work together with the same application or within the same project. Azure AD Business to Consumer (B2C) is meant for the Consumer that does not require access to internal resources, while granting the ability to login using a single identity that they already have established (like Facebook or Gmail) to access the company’s services.
Avaleris has assisted many organizations with external access initiatives, using either or both Azure AD B2B and B2C technologies, from strategy and architecture to production deployment.
No two architectures are the same and our architects and consultants are always happy to take on new challenges.
If you have any questions about either of these products, or want to discuss an upcoming project, Avaleris would be delighted to sit down and discuss your priorities. Contact us today to set up a call to get you started!
With our team of highly qualified consultants, Avaleris is available to help you identify or realize your security priorities and projects.
Avaleris is your go-to security partner, and is focused on Microsoft 365 for everything Identity, Cybersecurity and Mobility.
Looking for more information on how to increase your security posture?
Contact us and let us help you ensure your organization is ready to take the next step towards secure digital transformation!
Practice Lead, Consumer Identity
Avaleris focuses exclusively on hybrid identity, enterprise mobility, and cloud security, enabling businesses to improve their agility and security while enabling employee productivity and collaboration.
Reach out to us to discuss your project objectives.
1-844-996-9695 • firstname.lastname@example.org • www.avaleris.com