Microsoft Entra ID · B2C & External Identity
B2C IEF Policy Administrator
Creates and manages custom policies in Azure AD B2C Identity Experience Framework including user flows and federation.
Scope: Full control over B2C custom policies and Identity Experience Framework
Permissions
- Create and manage custom policies
- Configure identity providers
- Manage user flows
- Edit directory schema
- Create new users
- Send data to external systems
Common use cases
- Custom user journey development
- External IdP federation setup
- Claims transformation configuration
- Multi-step authentication flows
- Progressive profiling implementation
Best practices
- Use policy versioning
- Test in non-production first
- Document all customizations
- Follow least privilege in claims
- Audit policy changes
Security considerations
- PRIVILEGED: Can modify all authentication flows
- Can access and migrate user data
- Changes affect all B2C users
- Federation changes are sensitive