Microsoft Entra ID · B2C & External Identity
Tenant Creator
Can create new Microsoft Entra and Azure AD B2C tenants even when tenant creation is disabled for regular users.
Scope: Create new tenants regardless of user settings
Permissions
- Create new Entra ID tenants
- Create new Azure AD B2C tenants
- Bypass tenant creation restrictions
Common use cases
- Setting up new B2C environments
- Creating development/test tenants
- Multi-tenant application setup
- Subsidiary tenant provisioning
Best practices
- Document all created tenants
- Apply security baselines immediately
- Set up proper governance
- Establish naming conventions
Security considerations
- Creator becomes Global Admin of new tenant
- New tenants have default settings
- Orphaned tenants are a risk
- Consider billing implications