Azure active directory create multiple tenants

Question

We are currently planning a new web project for multiple tenants. For security reasons we want these tenants to be logically seperated from each other. For example by adding a parameter containing the tenant id to the route.

We want the tenants users to log in with azure AD but we dont want to require them to have a microsoft account.

Here is a small diagram with our simplified registration process. When a new tenant registers we want to dynamically create a new tenant in azure AD that is independent from the other ones. Then we want the new tenant to be able to send invitations to new users.

Is it even possible to seperate multiple tenants within one web project? Is it possible to create new tenants on the fly? Should we use B2B or B2C to do so?

Thank you for your help!

Answer 1

Should we use B2B or B2C to do so?

Determining environment type

There are two types of environments you can create. Deciding which you need is based solely on the types of users your app will authenticate.

• Work and school (Azure AD accounts) or Microsoft accounts (such as outlook.com and live.com)
• Social and local accounts (Azure AD B2C)

Azure Active Directory and Azure Active Directory (B2C) enable users to access applications published by your organization, and share same administration experiences https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis

We want the tenants users to log in with azure AD but we dont want to require them to have a microsoft account.

You can use custom domain name https://learn.microsoft.com/azure/active-directory/fundamentals/add-custom-domain

Is it possible to create new tenants on the fly?

Yes. You also can switch between your tenants: Also, I believe each B2C tenant requires a separate subscription.

What is the maximum number of Azure Active Directory tenants?