Trying to get your head around Azure B2B versus Azure B2C. I found an excellent YouTube video by John Savill. Check it out:
Azure B2B
- Is used in conjunction with Azure AD, no separate product.
- Is used to give business partners access to all resources that are linked to Azure Active Directory. This can be either Office365 (incl. SharePoint) or other Azure resources like web apps.
- B2B users can be either users from a federated AAD of a partner company (eg Motion10 users) or it can be users with an account from a social provider. The social provider can be Microsoft, Google, Twitter, Facebook, GitHub or otherwise, but before granting admission all users will be asked to create a Microsoft account (which in turn can still have the GMail account as the username.
- Guest users can be invited one-by-one via the Azure Portal (AAD/Users/Add Guest User) or in bulk via PowerShell or a self-service portal that can be downloaded via GitHub.
- Result: Authentication occurs in external identity provider. Authorization in the client’s Azure Active Directory. You need one AAD license for 5 B2B guest users in you are using AAD Premium (not for Free and Office365).
Azure B2C
- Is a separate product, not linked to Azure Active Directory.
- Gives external users access to customer facing resources like web apps and mobile apps. So, access is limited as compared to B2B.
- External users can have a B2C local account, an account from a social provider (Microsoft, Google, Facebook, etc.) or can be an Azure Active Directory account.
- Information at: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview
