Reputation: 35
Okta vs Azure AD B2C When Already Using Azure AD
I have an application that uses Azure AD to authenticate employees. We now have a requirement to open up the app to external consumers. We are strongly considering Okta to authenticate the external users and federating to Azure AD for the employees. I'm curious if it would be more advantageous to use Azure AD B2C instead of Okta.
Upvotes: 2
Views: 5870
Answers (3)
Reputation: 21
For very basic scenarios, Azure B2C is both cheaper and easier to integrate into your existing environment. However, there is a large capability gap between the two offerings that becomes evident when you want particular features. Believe it or not, but Okta can actually be cheaper than Azure, especially if MFA is important with large user bases.
Azure charges for each MFA event, so:
MFA and SMS/Phone Events: $0.042
Auth: (50,000 MAUs x $0 (Free tier)) + (200,000 MAUs x $0.0076) = $ 1,325 p/m
MFA: 250,000 MAUs x 2 (MFA Events per Month) x $0.042. = $ 21,000 p/m
Total: = $ 22,325 p/m
= $ 267,900 p/a
- User Self-Service
- Session Management of Users
- Adaptive MFA (based on anomaly detection)
- User Activity Logging
Just make sure you compare apples to apples, and know what your actual technical and user requirements are.
Don't forget that there are cheaper alternatives to Okta, ie Auth0.
Upvotes: 2
Reputation: 1180
Its important we understand what "external consumers" mean. They can be from a partner organisation or they can be end-users. Azure AD supports B2B and B2C mode and each one of them is different. Following are some of the design considerations
- Are the external consumers from partner organisation or end users?
- Does the application support integration with external IDp i.e gmail, facebook to name few.
- Licensing differs for both B2B and B2C
This documents the best practices to be used while making the decision
We have gone ahead with B2B because we already had Azure Premium License and that supported B2B licensing model. Feel free to analyze on your own.
On Okta, it is slightly more expensive as @nzpcmad says.
Upvotes: 2
Reputation: 46710
Having been through this exercise, Okta is considerably more expensive.
You can federate B2C and Azure AD.
It depends on your use case i.e. what features are you looking for?
Upvotes: 1
Related Questions
- How to implement AAD B2C and OKTA Integration?
- Azure B2C vs Azure External Identities
- Okta SSO with Azure ADB2C
- Integration of Azure with OKTA using OIDC
- Detailed steps to configure Okta as an IDP in Azure AD
- Azure AD B2C Open ID Connectivity Vs OAuth 2.0
- Azure AD B2C and on-premise Active Directory
- Azure AD vs Azure AD B2C for web and mobile apps
- Does Azure Active Directory B2C work with Oauth or Open ID?
- Azure AD as Federation Provider for Okta