I would like to use Azure AD to store user accounts for users external to our organization. The idea was to use Azure ACS to federate our internal AD and Azure AD to provide authentication for internal and external users, respectively. However, Azure AD doesn't appear to be able to meet some of my requirements:
- Users can register with their email address as their username.
- Users can sign on without the .domain.onmicrosoft.com nonsense.
- Security groups can be added and users assigned to them -- group membership will be passed through ACS as claims.
These seem to me to be standard use cases for a user store. Is it possible to meet these requirements?