What is Microsoft Entra External ID for Customers?

Whether consumers or B2B clients, secure sign-in processes are vital for establishing trust and preventing unwanted access.

But how do you achieve this with ease, while ensuring your processes remain up-to-date?

Announced in the summer of 2023, Microsoft Entra External ID for Customers (EEID4C) is a next-gen customer identity and access management (CIAM) solution.

Building on the success of Azure AD B2C, EEID4C represents Microsoft’s future vision for CIAM, allowing users to:

• Streamline external user management.
• Eliminate the need for custom sign-in systems.
• Stay updated with innovative features.
• Establish a secure authentication system.
• Adapt to evolving user preferences.

Key Features of Microsoft Entra External ID

Microsoft Entra External ID for customers is a unified platform that combines the familiar features of Azure AD External Identities with new capabilities, such as:

• Build secure web and mobile apps for customers and partners in minutes, with developer-friendly tools.
• Support for multiple identity providers, including Azure AD, Google, and Facebook.
• Federated single sign-on (SSO) for seamless access to your applications.
• Risk-based authentication to protect against unauthorised access.
• Privacy-preserving identity verification to ensure that your users are who they say they are.

Getting Started with Microsoft Entra External ID

At the time of writing, Microsoft Entra External ID is in public preview.

You can learn more about what this means in our recent article comparing AAD B2C with Entra External ID for Customers.

Let’s take a peek under the hood, and see what Entra External ID for Customers (EEID4C) does for us:

Initial set-up

Before you can use EEID4C with your websites or mobile applications of choice, you need to configure a few things:

• A dedicated tenant: While EEID4C is based on Entra ID and shares all of the same features, you need to create a dedicated tenant for your customers
• Identity providers: You can use Entra ID, Microsoft accounts, Email one-time passcodes, Google, or Facebook to sign-in your customers
• Branding: provide logos and page backgrounds to customise the sign-in experience
• User flows: Enable specific authentication scenarios using dedicated user flows such as “sign in”, “sign up”, and “password reset”. Here you also configure other aspects of sign-in such as the attributes you’re collecting from the user

Once these steps are complete, it’s time to integrate your web and mobile applications.

You can integrate anything from a single page application (SPA), web applications, and mobile applications, to APIs and other “headless” applications.

The integration relies on published standards but Microsoft also provides a wealth of sample code for quick integration.

Now you have the EEID4C infrastructure set up and your apps connected, you can attempt a sign up as a new user:

User flows provide the user with flexible options for sign-in and multi-factor authentication, according to the configuration you choose.

You can also make use of APIs to handle the information being provided by the user and to divert the sign in process if you detect a problem.

The platform targets all major browsers and supports multiple languages.

Benefits of Microsoft Entra External ID for customers

• Increased security: Microsoft Entra External ID uses a variety of security features to protect your external users, including risk-based authentication and privacy-preserving identity verification.
• Improved user experience: Microsoft Entra External ID makes it easy for your external users to sign in to your applications, with support for multiple identity providers and federated SSO.
• Reduced development costs: Microsoft Entra External ID provides developer-centric tools that make it easy to build secure, compliant web and mobile applications for your external users.

Conclusion

Microsoft Entra External Identities for Customers (EEID4C) is in its preview phase, and appears to hold promise as a customer identity and access management CIAM solution.

As yet, however, it still lacks some of the features present with Azure AD B2C. But this will undoubtedly change as the platform develops.

While Microsoft views Entra External ID for Customers as the future, consider a strategic approach when planning critical identity projects in late 2024 to 2025.

For organisations heavily reliant on Azure AD B2C, explore a gradual transition to EEID4C.

This transition provides existing users with a seamless path to adoption while opening new opportunities for businesses seeking long-term CIAM solutions.

Key takeaways

Next Steps