I am trying to get my head around the concept. You have an azure B2C, and have two external IDP's configured.
I guessed that the ID token was provided by the Azure B2C and not the external IDP which have been configured as external IDP's. However i see that the provided ID token can also be used to other resources which use the same external IDP.
The user simply opens an additional tab to another client (url), and is authenticated.
i would expect that the user was only authenticated in the resource provided by the B2C, while not being authenticated for other resources protected by the same external IDP.
I think what is happening is Single Sign On (SSO) and it has nothing to do with the ID tokens.
What happens when they sign in to your app:
So now if the user goes to another application protected by the external IdP:
So since a session was already established with the IdP, they get automatically authenticated.