Azure AD B2C – All You Need To Know


What is Azure AD B2C

Azure Active Directory B2C (Azure AD B2C) is a business-to-consumer identity management service. It is built on top of Azure Active Directory (Azure AD) and is managed by Azure. It uses social, enterprise and local identities to authenticate users to applications. Any application, such as a mobile, desktop, web or single-page (SPA) application, can use B2C.

When to use Azure AD B2C

There are different scenarios for using Azure AD B2C. Imagine an online buyer who uses a social account to log in to an e-commerce site, or suppliers who use their corporate credentials to log in to an enterprise application. It supports more such use cases. Unlike Azure AD B2B, it doesn’t store the user details within the tenant. Understanding B2C is important before suggesting it to your customer. As of today, it supports the following distinct features:

  • Customizable branding of sign-in and sign-up user experience
  • Localization provides the translation to many languages
  • Supports authentication protocols including OpenID Connect, OAuth 2.0, and SAML
  • Integration with custom user store
  • Integration with external system to include more information to the user’s claim
  • Compliant with the user data residency policy
  • Multi-factor authentication provides more security
  • Provides auditing and logging information to track the activity
  • Add your own business logic to the user journeys
  • Profiling with Application Insights

How do I configure and use Azure AD B2C

You can follow the step-by-step Azure documentation to create an Azure AD B2C tenant. At the same time, it creates an underlying Azure AD tenant. The former represents the organization, while the latter stores the federated user information. To federate with other identity providers, B2C provides different user journeys. Examples of user journeys are sign-up, sign-in, profile-edit and password-reset. There are two approaches to configuring them: user flows or the Identity Experience Framework (IEF). User flows have predefined, configurable policies. The IEF requires you to set up the policies manually. In return, the IEF offers an extensible policy framework and is backed by a powerful orchestration engine.
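Each user journey runs under its own policy, and a B2C token names that policy in its `tfp` claim (or `acr`, depending on tenant configuration). The Python below is an added example, not code from the original article: it checks the claims of a token whose signature a JWT library has already verified, so a route accepts only tokens from the policies it expects. The function name, tenant, application ID and policy names are constructed placeholders.

```python
import time

# Constructed placeholder values; substitute your own tenant's settings.
ISSUER = "https://contoso.b2clogin.com/00000000-0000-0000-0000-000000000000/v2.0/"
CLIENT_ID = "11111111-1111-1111-1111-111111111111"

# Constructed sample of decoded claims (signature verification assumed done).
SAMPLE_CLAIMS = {
    "iss": ISSUER,
    "aud": CLIENT_ID,
    "nbf": 1_700_000_000,
    "exp": 1_700_003_600,
    "tfp": "B2C_1_signupsignin",
    "sub": "constructed-subject-id",
}


class ClaimError(ValueError):
    """Raised when a verified token fails a claim check."""


def check_b2c_claims(claims, *, issuer, client_id, allowed_policies,
                     now=None, leeway=60):
    """Return the lower-cased policy name that issued the token, or raise."""
    now = time.time() if now is None else now
    if claims.get("iss") != issuer:
        raise ClaimError("unexpected issuer")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        raise ClaimError("token was issued for another application")
    exp, nbf = claims.get("exp"), claims.get("nbf", 0)
    if not isinstance(exp, (int, float)) or now > exp + leeway:
        raise ClaimError("token expired or exp missing")
    if not isinstance(nbf, (int, float)) or now < nbf - leeway:
        raise ClaimError("token not yet valid")
    # The policy (user flow or IEF policy) that issued the token.
    policy = claims.get("tfp") or claims.get("acr")
    if not isinstance(policy, str):
        raise ClaimError("token carries no policy claim")
    # Case-insensitive comparison is a choice made by this example.
    if policy.lower() not in {p.lower() for p in allowed_policies}:
        raise ClaimError("token issued by unexpected policy: " + policy)
    return policy.lower()
```
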

Alternative products and services available in the market

Azure AD B2C is not the only identity and access management (IAM) service available in the market. Other providers offer similar services too. Gartner has been doing market research for its IAM Magic Quadrant. I’ve listed a couple of them based on Gartner’s research:

  • Okta
  • Ping Identity
  • IBM Cloud Identity
  • Oracle Identity Cloud Service
  • Auth0
  • Idaptive
  • OneLogin
