Azure Active Directory B2C released

Azure Active Directory B2C is a new enterprise-grade, multi-tenant, cloud service that provided a secure cloud identity platform for consumer-facing applications, supporting authentication and management of consumer identities.
The new service is based on open-standards and provide cross-platform support, adding modern identity and security capabilities to iOS, Android, Windows, and browser-based applications and services.

Using Azure Active Directory B2C allows consumers to sign-up for your applications using their existing social accounts (Facebook, Google, Amazon, LinkedIn) or by creating new credentials (email address & password or username & password).

Azure Active Directory B2C can be purchased either on an Microsoft Enterprise Agreement or via Azure Direct.

The usage in the service will be billed monthly based on the total number of both:

  • Stored Users: Users stored in the Azure AD B2C directory
  • Authentications: Tokens issued either in response to a sign-in request initiated by a user, or initiated by an application on behalf of a user (e.g. token refresh, where the refresh interval is configurable).

The per application Multi-Factor Authentication option can be enabled for a separate fee.

The service is currently in preview, and during the preview period, the service will be free.

Registration for Azure Active Directory B2C

Sign in to the Azure management portal as the Subscription Administrator:
https://manage.windowsazure.com

Click All Items

Click New

Click App Services -> Active Directory –> Directory

image

Click Custom Create

image

Enter Name, Domain name, Country and select the This is a B2C directory option.
Click the Complete check mark.

image

After the registration, the domain name can be changed to  your own vanity domain name.

When the registration has competed, open the newly created B2C directory

image

Register an application

To register an application, select the Application option and click Add

image

The wizard provides options to add either a web application/API or a Native client application (can installed on the users device.

Configuration of B2C directory settings

For configuration of settings in the B2C directory, select the Configure option and click Manage B2C setting

image

This opens the Azure portal (https://portal.azure.com( where a range of specialized settings in the B2C directory can be managed, including User attributes, Sign-up policies and Sign-in policies.

image

In addition, under the Configure option, you may enable User Password Reset Policy allowing consumers (who have signed up for an accounts) to reset their passwords on their own. Leave the Alternate Email Address option checked.

Currently, a verified email address is the only supported recovery method, but additional recovery methods (verified phone number, security questions, etc.) is will be added in the future.

 

References:

Azure Active Directory B2C

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.