7

I need to support work accounts (or school accounts) with AzureAD B2C.

I already have an existing base of Facebook clients and Google. However, when I configure the Microsoft endpoint, I only get the liveID option.

Is there a way to use a custom B2C signup policy to use AAD? What other solutions exist?

TLDR
  • 1,198
  • 1
  • 12
  • 31
  • 1
    Somehow this very broad question received 5 upvotes and this question ended up as [an audit](https://stackoverflow.com/posts/49133390/timeline). This simply needs to be closed. – K.Dᴀᴠɪs Mar 27 '18 at 18:04
  • 2
    With respect to @K.Dᴀᴠɪs and the other closers, I don't understand why this is too broad. Azure AD B2C "flavor" doesn't have a clear-cut way to authenticate AzureAD/Office365 accounts. This question attempts to connect the Identity Providers in a consistent and logical way. Furthermore there is an answer that bridges the authentication silos. – TLDR Jul 15 '18 at 15:45

1 Answers1

5

You can use Custom Policies to enable sign-in for users from a specific Azure AD. You can refer to this guide to achieve that.

However, I also want to make clear that these AAD accounts is not be authenticated for Office 365. When you use Azure AD accounts to sign-in AAD B2C applications, Azure AD is just as a identity provider in Azure AD B2C like others, such as Microsoft Account and Google+.

Hope this helps!

Wayne Yang
  • 9,016
  • 2
  • 20
  • 40
  • Do you know if it is only possible to use a single tenant there or is it possible to allow any tenant to sign in by using custom policies? – juunas Mar 06 '18 at 17:23
  • 2
    Hi @juunas. Custom policies can support both the single- and multiple-tenant scenarios. See [Multi-tenant Azure AD in Azure AD B2C ](https://stackoverflow.com/questions/48897555/multi-tenant-azure-ad-in-azure-ad-b2c/49019341) for how to federate Azure AD B2C with Azure AD's common endpoint for multiple tenants. – Chris Padgett Mar 06 '18 at 21:36
  • Is any token returned that allows for graph access using a different library? (e.g. B2C Facebook auth allowing FB access, B2C AAD auth allowing graph access?) – TLDR Mar 06 '18 at 22:35
  • @TLDR Did you ever work out if this is possible? Trying to work out how to approach a similar problem and require using AAD to sign in but need access to the graph. – Adam Stapleton Feb 20 '19 at 22:58
  • I've tried the AZ AD single-tenant, and read about the AZ AD multi-tenant approaches but both approaches seem to be creating an extra button for each AD login instance. Is it possible to have a single "Log in with Work Account" button and internally handle the redirect to the right AD? – J.J Jun 09 '21 at 15:44