I currently have an application that is used by multiple organisations (my customers), whose employees can log in to the application.
These organisations can have their own customers. Currently these customers cannot log in or do anything. I want to make it possible for these customers to log in and view specific data about themselves. I thought Azure AD B2C would be a good solution for this, but I’m starting to have some doubts about that.
Because these organisations (my customers) all operate in the same field, it is possible for their customers to also be a customer of another organisation. Users can only exist once in the B2C directory, so how do I differentiate between these organisations? Is it possible to use Azure AD B2C for this situation (and would it be a good solution), and if possible, how can I implement this?
CodePudding user response:
It would not be very difficult to search the other directories and check if the user exists, but what would it really achieve?
The user could just sign up with a different email address in the second B2C environment unless you restrict the email addresses that can be used to self sign up.
As for how to implement this, there is plenty of documentation on how to do this, or if you have specific problems with your implementation code, please feel free to ask new questions for them.
CodePudding user response:
Is it possible to federate B2C with these organisations?
If so, each federation will be different since the login address will be different e.g. [email protected] vs joe at company2.com.
These users won't be local; they effectively use shadow accounts and so a user can be in B2C multiple times.
