In an Azure AD tenant, users that belong to the tenant sign-in with an email address of the form <xyz>@<tenant domain>. The <tenant domain> is one of the verified domains in the tenant or the initial <...>.onmicrosoft.com domain. This type of account is a work or school account.
In an Azure AD B2C tenant, most apps want the user to sign-in with any arbitrary email address (for example,
[email protected],
[email protected],
[email protected], or
[email protected]). This type of account is a local account. We also support arbitrary user names as local accounts (for example, joe, bob, sarah, or jim). You can choose one of these two local account types when configuring identity providers for Azure AD B2C in the Azure portal. In your Azure AD B2C tenant, click Identity providers and then select Username under Local accounts.
User accounts for applications must always be created through a sign-up policy, sign-up or sign-in policy, or by using the Azure AD Graph API. User accounts created in the Azure portal are only used for administering the tenant.