Creating an SSO Connection for Microsoft Azure B2C

Problem statement

There is a business need to enable single sign-on for users across two IdPs (Microsoft Azure B2C and Auth0), and it is necessary to understand how to federate authentication.

  • Is this achieved by enabling an Enterprise/Social connection in the Auth0 tenants or something else?
  • Is it possible to do this when the domain exists on the Enterprise connection as well as in Auth0 (i.e., some users with the domain exist in Microsoft Azure B2C and others with the same domain exist in Auth0)?

Solution

Microsoft Azure B2C is a ‘white-label’ solution that provides business-to-customer identity as a service.

Azure AD B2C is not the same as standard Azure AD, and historically, it has not shared all of the same federation capabilities that Azure AD has.

We don’t officially test or document support for Azure AD B2C as an Enterprise/Social identity provider because it’s not an Enterprise/Social identity provider. It’s an identity front-end for apps, just like Auth0.

However, Azure AD B2C does claim to support OIDC and SAML today.

It may be possible to use the Auth0 SAML or OpenID Connect connection type with Azure AD B2C.

However, as this Microsoft product is not formally supported by Auth0, we are unable to provide any guarantee that a customer’s integration attempts would succeed.