Is Federated Identity Management possible using Azure AD or Azure B2C?


Website webapp1.com has registered users with its own IdP implementation.

There are other websites such as webapp2.com, webapp3.com, webapp4.com (different domains).

A logged-in user, user1, of webapp1.com wants to do an SSO login to webapp2.com, webapp3.com or webapp4.com. user1 has accounts in webapp2.com/webapp3.com/webapp4.com as well.

Is there a way to implement this using Azure AD or Azure AD B2C?

This is possible using PingIdentity. https://www.pingidentity.com/en/resources/blog/posts/2021/sso-vs-federated-identity-management.html

Tried Azure AD and Azure AD B2C. No documentation was found on how this could be done.


There are 2 best solutions below

0
On

As long as the web apps connect to the same identity provider(s), the user will get SSO if they visit another app and pass through those same identity providers. With AAD this is the default and only behaviour. With AAD B2C this is the default behaviour, but can be restricted.

1
On

Federated Identity is now available in Azure AD: https://learn.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation

It's called Workload Identity Federation. You can follow this link to configure an app to trust an external identity provider.