Forum Discussion
wode9999
Jul 26, 2021 · Copper Contributor
azure ad B2C + multi tenancy
Hi all, Some context: I'm looking at implementing a Multi-tenant SaaS application using a SPA and Spring Boot backend, running on Azure App Service and using Azure AD B2C for identity management...
LukeJMadden
Apr 03, 2023 · Brass Contributor
Hi wode,
I'll try my best to answer your questions regarding multi-tenancy using Azure AD B2C:
As for the best strategy for multi-tenancy on the application level, it depends on your specific requirements. Using a separate subdomain per tenant is a common approach, but it is also possible to host on a single domain and use other mechanisms such as custom claims to separate tenants.
Yes, when using Azure AD B2C in multi-tenant mode, any tenant can use your application. You will need to filter out tenants based on their IDs in your application code.
Azure AD B2C supports federated authentication, which allows you to delegate authentication to other identity systems such as SAML or OpenID Connect.
You can inspect the token and distinguish the tenant from the token sent in every request using the issuer parameter. The issuer parameter specifies the issuer of the token, which includes the tenant ID.
You can store accounts in Azure AD B2C locally and spread them out over multiple tenants inside B2C.
As far as I know, there is no limitation on the number of tenants that can be configured in Azure AD B2C.
I hope this helps! Let me know if you have any further questions.
Cheers,
Luke
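The tenant check described in the reply above (reading the tenant ID from the issuer and filtering on it in application code), sketched in plain Java for the Spring Boot backend as an added example; it is not code from the thread or from Microsoft. It assumes the token's signature, audience and expiry were already verified upstream, that the issuer has the shape `https://<name>.b2clogin.com/<tenant-guid>/v2.0/`, and the class name, `resolveTenant`, the allow-list and all sample issuers are constructed for illustration.

```java
import java.net.URI;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;

/** Added example: maps the "iss" claim of an already signature-verified token to an allowed tenant. */
public class TenantIssuerFilter {

    // Constructed sample allow-list: directory (tenant) ID -> the application's own tenant key.
    private static final Map<UUID, String> ALLOWED_TENANTS = Map.of(
            UUID.fromString("11111111-1111-1111-1111-111111111111"), "tenant-a",
            UUID.fromString("22222222-2222-2222-2222-222222222222"), "tenant-b");

    /** Returns the application tenant key, or empty if the issuer is malformed or not allow-listed. */
    static Optional<String> resolveTenant(String issuer) {
        if (issuer == null) return Optional.empty();
        try {
            URI uri = URI.create(issuer);
            String host = uri.getHost();
            // Assumed issuer shape: https://<name>.b2clogin.com/<tenant-guid>/v2.0/
            if (!"https".equals(uri.getScheme()) || host == null
                    || !host.endsWith(".b2clogin.com") || uri.getPath() == null) {
                return Optional.empty();
            }
            String[] segments = uri.getPath().split("/");   // ["", "<guid>", "v2.0"]
            if (segments.length < 2) return Optional.empty();
            // Exact GUID comparison, never a substring match on the issuer string.
            UUID tenantId = UUID.fromString(segments[1]);
            return Optional.ofNullable(ALLOWED_TENANTS.get(tenantId));
        } catch (IllegalArgumentException e) {
            return Optional.empty();   // unparsable URI or GUID: reject
        }
    }

    public static void main(String[] args) {
        String[] issuers = {   // constructed sample issuers
            "https://contoso.b2clogin.com/11111111-1111-1111-1111-111111111111/v2.0/",
            "https://contoso.b2clogin.com/33333333-3333-3333-3333-333333333333/v2.0/",
            "https://contoso.b2clogin.com.lookalike.example/11111111-1111-1111-1111-111111111111/v2.0/",
            "http://contoso.b2clogin.com/11111111-1111-1111-1111-111111111111/v2.0/",
            "https://contoso.b2clogin.com/not-a-guid/v2.0/"
        };
        for (String iss : issuers) {
            System.out.println(resolveTenant(iss).map(t -> "ALLOW " + t).orElse("DENY") + "  " + iss);
        }
    }
}
```

Only the first sample issuer resolves to a tenant; the unknown GUID, the lookalike host, the non-HTTPS issuer and the malformed path are all denied. A deployment that uses a custom domain for B2C would need its own host check in place of the `.b2clogin.com` suffix test.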