Exam AZ-204 topic 4 question 48 discussion

The provided answer is wrong! Based on this article: https://docs.microsoft.com/en-us/azure/active-directory/external-identities/external-collaboration-settings-configure External collaboration settings let you specify what roles in your organization can invite external users for B2B collaboration. These settings also include options for allowing or blocking specific domains, and options for restricting what external guest users can see in your Azure AD directory. So, you use B2B external collaboration to invite guests into your Azure AD tenant. I vote for Custom Policies. Both Custom Policies and User Flows support external identity providers, but because of required custom in-house providers support, I'd choose Custom Policies over the User Flows - see https://docs.microsoft.com/en-us/azure/active-directory-b2c/user-flow-overview#comparing-user-flows-and-custom-policies

A https://docs.microsoft.com/en-us/azure/active-directory-b2c/custom-policy-reference-sso

Azure AD B2C is designed specifically for customer-facing applications where you need to support a variety of identity providers, including social identities (like Facebook, Google, etc.) and custom (or in-house) identity providers. Custom policies (also known as Identity Experience Framework policies) in Azure AD B2C allow for deep customization of the authentication experience, enabling complex scenarios including integrating with various identity providers, custom user attributes, and multifactor authentication flows. This option provides the flexibility needed to implement SSO while accommodating the diverse identity requirements described.

The best solution for implementing SSO for multiple web and mobile applications with a variety of identity providers is to use Azure AD B2C with custom policies.

A is correct

Given answer is correct, remember that the question says "company maintains many aplications" and "those aplication have their own in house login providers" so there is a bussiness with other bussiness, is B2B, no B2C. And B2B with external colaboration says: "You can also enable self-service sign-up user flows to let external users sign up for apps or resources themselves." https://learn.microsoft.com/en-us/azure/active-directory/external-identities/what-is-b2b

Should be A A company maintains multiple web and mobile applications. Each application uses custom in-house identity providers as well as social identity providers.

"C. Use Azure Active Directory B2C (Azure AD B2C) with user flows." Azure AD B2C is a cloud-based identity management service that enables you to customize and control how users sign up, sign in, and manage their profiles when interacting with your applications. With Azure AD B2C, you can create user flows that define the steps in the authentication and authorization process for your applications, and you can use these user flows to enable SSO across your applications. User flows allow you to customize the authentication experience for your users, including specifying the identity providers that you want to use, such as custom in-house identity providers or social identity providers. You can also customize the user interface, branding, and policies that apply to each user flow. References: https://learn.microsoft.com/en-us/azure/active-directory-b2c/user-flow-overview

For Azure AD B2C check this: https://learn.microsoft.com/en-us/azure/active-directory-b2c/overview

A - correct answer

A for sure

A is correct 100%

The Answer seems Correct. B2C seems for external totally, so no mention of the existing AAD authetication to the app. https://docs.microsoft.com/en-us/azure/active-directory/external-identities/external-identities-overview?bc=%2Fazure%2Factive-directory-b2c%2Fbread%2Ftoc.json&toc=%2Fazure%2Factive-directory-b2c%2FTOC.json