0
votes

In trying to meet the business requirements, we are going with the approach of using Azure B2B and B2C. 80% of the users are B2B consumers, whereas 20% are B2C (log in with social accounts) consumers.

I have to devise a navigation flow in ReactJs:

  1. User logs into the homepage.
  2. The homepage checks whether a user session is present or not. If yes, the user is logged in using SSO.
  3. If no, the user gets redirected to the B2B login page, where again the cookie is checked by MSAL and the user gets logged in automatically.
  4. If the cookie is not present, the user is allowed to enter the username on the B2B login page.

Question 1: Is there any way to show the user an option (a hyperlink, only for this app and not for the entire company) that directs them to the Azure B2C login page if they want to use their social account to log in?

Question 2: If Question 1 is not possible, then once the user enters a username with "outlook.com", can I redirect the user to the B2C login page instead of continuing them on the B2B page, as that username would fail on B2B?

Question 3: If Question 2 is also not possible, then the user reaches the error page below on login.microsoft.com. Can I customize it to avoid going to the error page and redirect the user to the Azure B2C login page instead of blocking the user's navigation on the error page, or at least have a hyperlink on the error page with a message directing the user to the B2C login page?

AADSTS50020: User account '[email protected]' from identity provider 'live.com' does not exist in tenant 'XYZ' and cannot access the application 'XXX-XXX-XXX' in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.

All these questions are aimed at avoiding a custom React JS landing page where the user needs to choose between corporate login (Azure B2B) and social login (Azure B2C).

Also, adding social federation on Azure AD (B2B) is not an option, as that is the organizational cloud security policy.

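The routing decisions behind Questions 2 and 3 can live in the React app itself, before and after the MSAL redirect. The following is an added example, not code from the question or the answer; the corporate domains, tenant names and B2C policy name are constructed placeholders, and the error-code check relies only on the AADSTS50020 message quoted above.

```javascript
// Constructed: domains this app treats as corporate (Azure AD B2B) accounts.
const CORPORATE_DOMAINS = ["contoso.com", "contoso.onmicrosoft.com"];

// Constructed placeholders for the two authorities the app can redirect to.
const B2B_AUTHORITY = "https://login.microsoftonline.com/contoso.onmicrosoft.com";
const B2C_AUTHORITY =
  "https://contosob2c.b2clogin.com/contosob2c.onmicrosoft.com/B2C_1_signupsignin";

// Extract the domain part of a UPN-style username; null if it is malformed.
function domainOf(username) {
  const match = /^[^@\s]+@([^@\s]+)$/.exec(String(username || "").trim());
  return match ? match[1].toLowerCase() : null;
}

// Question 2: choose the login route before redirecting. Corporate domains go
// to B2B; anything else (outlook.com, gmail.com, ...) goes to the B2C policy,
// and a malformed username is rejected instead of being sent anywhere.
function chooseAuthority(username) {
  const domain = domainOf(username);
  if (domain === null) return { route: "invalid", authority: null, loginHint: null };
  const loginHint = username.trim();
  if (CORPORATE_DOMAINS.includes(domain)) {
    return { route: "b2b", authority: B2B_AUTHORITY, loginHint };
  }
  return { route: "b2c", authority: B2C_AUTHORITY, loginHint };
}

// Question 3: recognise the AADSTS50020 failure (external account not in the
// tenant) in the error description MSAL surfaces, so the app can fall back to
// B2C itself rather than leaving the user on the Microsoft error page.
function isExternalAccountError(errorDescription) {
  return /\bAADSTS50020\b/.test(String(errorDescription || ""));
}

// The fallback decision the homepage makes after a failed B2B sign-in: only the
// "account not in tenant" error is rerouted; any other error is shown as-is.
function nextRouteAfterError(username, errorDescription) {
  if (isExternalAccountError(errorDescription)) {
    return { route: "b2c", authority: B2C_AUTHORITY, loginHint: username };
  }
  return { route: "error", authority: null, loginHint: null };
}
```

Wire `chooseAuthority` into the username form submit and `nextRouteAfterError` into the MSAL redirect error handler; the rest of the flow (silent SSO, cookie check) stays with MSAL.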
1 Answers

0
votes

The first thing to understand would be whether you are trying to use Azure AD B2B and Azure AD B2C in the same tenant. If yes, I recommend looking at this: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/15009315-can-i-use-azure-ad-b2b-collaboration-together-with

Secondly, the scenario you are trying to achieve is possible: you can add multiple directories, one Azure AD directory for B2B users to authenticate, and another for consumers to log in to your app using social IdPs like Facebook, Google, etc.

You can try checking the following links as they speak on the same context:

Azure AD B2B and B2C in same Application

How to federate between Azure B2B and B2C