Microsoft Entra External ID is used for our external vendors and consultants to access our systems for remote work.
Pros
Locks down where and what can be accessed
Logs the remote connection
Keeps our data secure
Cons
Dashboard could be a little cleaner
Little easier to assign what can be accesses per user
Likelihood to Recommend
Working with a consultant that needed access to certain area/files but still needed to be secure, Microsoft Entra External ID made it possible to do that.
Here in our educational setting, a medium sized multi academy trust, we use Microsoft Entra External ID to deliver internal apps and resources to a series of children's homes and school communities that work externally with our organisation. Microsoft Entra External ID enables us to reach children that other wise struggle to attend school regularly. It gives each pupil or prospective pupil and their supporting agencies an opportunity to continue/support their learning from where ever they are, securely.
Pros
Security
Simple account creation
Deployment of resources.
Cons
Initial external/workforce tenant setup
Authentication app requirement (although essential, not every child has a device they can use)
Company Branding Tools
Likelihood to Recommend
In our organisation we use Microsoft Entra External ID primarily to enable non-attenders to remotely login to our tenant and access pre-prepared educational resources. As well as access to tutors, pupils can also communicate with centralised staff who can support them to gain an education. Utilising our external tenant configuration we can develop and deploy our own in house apps to unpin this support intervention.
VU
Verified User
Manager in Information Technology (201-500 employees)
In ou organization, we iser Microsoft Entra External ID for pur third party vendors who operate from different countries. Instead of giving full access to our sensitive data. We used Microsoft Entra External ID so that limited access could be given but at the same time enough access is given to operate properly. Data security is th major business problem which Microsoft Entra External ID helps with. It makes our sensitive data safe and secure.
Pros
One of the things that Microsoft Entra External ID does really well is creating user logins, accounts and profile. It is very easy to create them, manage them and delete them. It is fast and reliant.
Limit access or authorization feature. We can allow different levels of authorization and access. So that not all the employees would have access to all the data. Only some relaible employees would have access and power to change anything.
Mutli factor authentication feature is also a really good feature to secure data. Even overseas vendors need MFS to login which gives double protection to our data.
Cons
The non technical users might get a little frustarted when it comes to passwors resets and MFA for Microsoft Entra External ID. They find it difficult to navigate through it and make the changes. Specially someone who is not a texh savvy.
Likelihood to Recommend
It is one of the best softwares I've used. It is safe and secure which is the goal of the company go safeguard its sensitive information at the same time giving limited access to third party vendors which makes it efficient and coat saving to th company
VU
Verified User
Analyst in Information Technology (501-1000 employees)
Azure Active Directory B2C helps provide seamless access to all the services and apps to the people either working on-site or working remotely and helps them stay productive. With the graphical overview of monthly activity, the Azure Active Directory B2C also makes it simple to manage all sign-ins. It is very reliable and secure.
Pros
Simple to use
Secure
Manage sign-ins
Cons
Customization
Likelihood to Recommend
Good for managing all your sign-ins and helps provide secure access from anywhere.
VU
Verified User
Analyst in Information Technology (10,001+ employees)
We use the Azure Active Directory B2C service to authorize access to our own custom web applications via API access. It is mainly used for authentication, control and monitoring of external users such as developers, and also for security reasons to defend against, for example, Denial of service, password hashing or brute force attacks.
Pros
authentication
authorization
monitoring access
Cons
Azure AD Application Proxy
inability to nest groups
no customized emails
Likelihood to Recommend
It is not easy to calculate the actual ROI due to the difficult quantification of all factors, but it certainly contributed a lot in protecting, monitoring and controlling access to our system. It also made it much easier to detect vulnerable external users with simple and "easy to hack" passwords they use on multiple apps.
VU
Verified User
Engineer in Information Technology (1001-5000 employees)
We use Azure AD B2C solution for one of our clients who need to authenticate end users to their mobile application and support their backbone as IT admins. It helped us to address and facilitate identity verification by gathering user data. Moreover, the progressive profiling feature helped their customers to complete their first transaction quickly and efficiently.
Pros
Single sign-on access with a user-provided identity.
Progressive profiling.
Authenticate individual customers.
Cons
Confusing pricing.
Complexity.
Interface
Likelihood to Recommend
The cloud-based aspect is well suited for our client as they also switched to MS365 and Azure platforms from the On-site infrastructure of their IT. For companies that are still using on-premise IT infrastructure, it may not be the best solution due to the complexity of the user interface, and the learning curve can be challenging for this type of client.
VU
Verified User
Technician in Information Technology (51-200 employees)
It help us to keep track of our teams groups and manage the user roles very easily. This also makes it easy to manage our sign in's with a nice overview chart of your monthly activity. There are a lot of apps and add-ins that work with this service. It works well with Microsoft Dynamics. There are a lot of tutorials that walk you through setting up and using this product. It's really a great turn-key system that is very secure and user friendly.
Pros
Single sign-on simplifies access to your apps from anywhere
Strong authentication for your customers using their preferred identity provider.
Integrating with social accounts such as Facebook or Google+
Cons
The Cost, This service is available on a pay-as-you-go (PAYG) basis.
Customization features
Likelihood to Recommend
Azure Active Directory has so many features. I love that with the B2C Collaboration it easily let’s you smoothly operate between personal and business security. You can also expand or contract that instance as you wish thereby increasing performance or decreasing cost based on the demand time to time. I wish the product had more customizations for collaborations such as multimedia integration/authenticate users for Microsoft 365
VU
Verified User
Consultant in Product Management (51-200 employees)
Azure Active Directory B2C allows users to sign into parts of our systems using multifactor authentication while still accessing the parts that do not need the added protection. The predefined user flows help create user experiences and access quickly, while the custom policies are for a more robust scenario. Both are unique and tailored to our needs.
Pros
User flows
MFA
User interface
Cons
Custom policies options
integrating
Likelihood to Recommend
Azure Active Directory B2C is well suited for businesses that require different levels of protection. You can use Azure Active Directory B2C for both signings into an application and added security once signed in. You can edit profiles, set up workflows, customize group policies, as well as provides several different verification methods such as email, phone call, SMS, or authenticator app.
Azure Active Directory B2C is our go-to platform for customer identity and access management (CIAM) needs, both for our internally-developed applications and products as well as for our clients' customer-facing applications. Despite the name, Azure Active Directory B2C excels at both business-to-consumer and business-to-business ("B2B") functionality; I often explain to people that "B2C" should be read as "business-to-customer." We have used Azure Active Directory B2C for everything from prototype apps and small business scenarios to very large enterprises with millions of user accounts.
Pros
Customer identity
User experience customization
Integration and configuration
Security
Availability/reliability
Cons
Troubleshooting diagnostic logs effectively requires VS Code
Group and role management requires additional effort
The programming model (XML) could use some developer experience love
Likelihood to Recommend
Azure Active Directory B2C is sufficiently flexible and configurable that it can work in just about any customer identity and access management (CIAM) scenario. Its pricing model also scales well for both small businesses (for whom it's almost always free) and very large enterprises (who can optimize the cost of multifactor authentication at scale by using the Premium P2 SKU). Azure Active Directory B2C is particularly useful in scenarios where you want to integrate multitenant (corporate) Azure AD apps, for single sign-on from your AAD customers, with other accounts for your non-AAD customers.
The only technical limitation we've encountered over the years is that, natively, Azure Active Directory B2C does not support device "fingerprinting"; however, this functionality can be added (if needed) through Microsoft's Fraud Prevention service or other third-party solutions.
