Markdown

Markdown.md

Category	B2C Capability	External ID Status	Difference	Migration Action	Gotcha	Citations
Local Accounts	Native local username/password authentication	Native support with email/phone	Same core capability	Direct migration via Graph API	-	-
Social Identity Providers	Google, Facebook, Microsoft Account, etc.	Native support for major providers	Same integration model	Reconfigure identity providers in External ID	-	learn.microsoft.com
Custom Identity Providers (OIDC)	Generic OIDC federation	Native OIDC support	Similar configuration	Recreate OIDC apps in External ID	-	-
SAML Federation	SAML 2.0 enterprise federation	Supported via Entra ID federation	Requires Entra ID premium SKU	Migrate SAML trust to Entra federation	SAML requires premium license in External ID	learn.microsoft.com
Multi-Factor Authentication	Phone, SMS, TOTP, email MFA	Native MFA via Entra	More authentication methods available	Enable MFA policies in External ID	-	learn.microsoft.com
Conditional Access	Risk-based and context-aware policies	Full Conditional Access support	More granular controls in External ID	Recreate CA policies in Entra portal	-	learn.microsoft.com
User Flows vs User Journeys	Pre-built user flows + custom journeys (IEF)	User flows available; custom journeys limited	IEF not fully supported in External ID	Migrate standard flows; redesign custom journeys	Complex IEF policies may require redesign	-
Custom Policies (IEF)	XML-based Identity Experience Framework	Limited support; not recommended	IEF not first-class in External ID	Avoid IEF; use user flows or custom authentication	IEF is legacy; Microsoft recommends user flows	-
Custom Branding	CSS, JavaScript, HTML customization	Company branding via Entra	Less granular than B2C custom policies	Apply company branding in External ID	Limited CSS/JS customization vs B2C IEF	learn.microsoft.com
Custom Domains	Custom domain for authentication endpoints	Custom domain support	Similar configuration	Configure custom domain in External ID	-	-
API Connectors	Webhooks during sign-up/sign-in flows	API connectors available	Same capability	Reconfigure API connectors	-	-
Token Customization	Custom claims via policies	Custom claims via claims mapping	Different mechanism (no IEF)	Use claims mapping policies or custom attributes	-	-
Password Reset (SSPR)	Self-service password reset	Native SSPR	Same capability	Enable SSPR in External ID	-	learn.microsoft.com
User Migration	Bulk user import, seamless migration	Graph API bulk import	No seamless migration built-in	Use Graph API for bulk import; custom code for seamless	Seamless password migration requires custom solution	learn.microsoft.com
Graph API Management	User CRUD via Microsoft Graph	Full Graph API support	Same API surface	Update Graph API tenant ID in code	-	learn.microsoft.com
Audit Logs & Monitoring	Sign-in logs, audit logs	Unified Entra audit logs	More integration with Azure Monitor	Configure log analytics workspace	-	learn.microsoft.com
B2B Guest Access	Limited B2B support in B2C	Native B2B and B2C in External ID	Unified B2B/B2C experience	Leverage built-in B2B features	-	learn.microsoft.com
Age Gating & Consent	Age verification and parental consent	Supported via custom attributes	Requires custom logic	Implement age gating in application	-	learn.microsoft.com
Localization	Multi-language UI strings	Built-in localization	Same capability	Configure languages in External ID	-	learn.microsoft.com
SPA & Native App Support	OAuth2/OIDC for SPA and mobile	Full OAuth2/OIDC support	Same protocol support	Update authority URLs in app code	-	learn.microsoft.com

https://medium.com/the-new-control-plane/using-spec-kit-to-compare-the-features-in-azure-ad-b2c-and-entra-external-id-698d813396ca

Note: Generated by AI, so it contains mistakes !!!!!!!!!!!!!!!!

Please don't rely on the data.