There is little doubt that we are all being exposed to a huge number of applications in both our personal and working lives. In the corporate environment it is not uncommon to find a range of services provisioned. Some of these are internal applications provisioned predominantly for employees, contractors and partners. Increasingly, some of these applications make their way to end customers as value-added services or strategic products.

Traditionally, resources in the Microsoft world have been controlled through Active Directory. More recently, Azure Active Directory has made a comprehensive identity and access management solution available via the Azure cloud.

What’s important to note is that Azure Active Directory is really geared towards allowing organisations to integrate line-of-business applications or SaaS applications. The Azure AD application gallery provides a huge number of applications, such as Box, Yammer and Twitter, that can all be configured for single sign-on.

Azure AD solutions are therefore generally geared towards internal users and partners. For end customers, Azure has recently introduced Azure B2C.

Azure B2C is provisioned as a SaaS solution that allows organisations to provide an identity and authentication mechanism for applications that are provided to their end customers. This basically means that the registration and sign-in process can be outsourced to Azure B2C. Software developers no longer need to concern themselves with storing and securing user information in their own custom format, and can provide features such as multi-factor authentication with ease.

Azure B2C supports OAuth 2.0, which allows applications to use access tokens to gain access to resources that are secured by an authorization server.


Azure B2C extends OAuth 2.0 and OpenID Connect through the concept of policies. Policies allow operations beyond authorization and authentication and can be customised to meet specific requirements. Furthermore, these policies can be used across multiple applications.

The following diagram provides an overview on how a web application can utilise Azure B2C:

[Diagram: Single Sign On]
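The sketch below is an added example, not code from the original article or from Microsoft. It shows how a web application might start a sign-in under one B2C policy and check the redirect that comes back. The tenant name, client ID, redirect URI and policy names are placeholders, and the `b2clogin.com` authorize URL layout is an assumption based on Microsoft's public documentation rather than anything stated on this page.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Placeholders (assumptions, not values from the article).
TENANT = "contoso"
CLIENT_ID = "00000000-0000-0000-0000-000000000000"
REDIRECT_URI = "https://app.example.com/auth/callback"
ALLOWED_POLICIES = {"B2C_1_signup_signin", "B2C_1_password_reset"}


def build_authorize_url(policy, session):
    """Start a sign-in under one B2C policy; remember state and nonce server-side."""
    if policy not in ALLOWED_POLICIES:  # never let the browser pick an arbitrary policy
        raise ValueError("unknown policy")
    pending = {"policy": policy,
               "state": secrets.token_urlsafe(32),   # binds the response to this session
               "nonce": secrets.token_urlsafe(32)}   # must reappear inside the id_token
    session["oidc_pending"] = pending
    query = urlencode({
        "client_id": CLIENT_ID,
        "response_type": "code",
        "response_mode": "query",
        "redirect_uri": REDIRECT_URI,
        "scope": "openid",
        "state": pending["state"],
        "nonce": pending["nonce"],
    })
    # Assumed endpoint layout: the policy name is part of the authorize path.
    return (f"https://{TENANT}.b2clogin.com/{TENANT}.onmicrosoft.com/"
            f"{policy}/oauth2/v2.0/authorize?{query}")


def accept_callback(callback_url, session):
    """Validate the redirect from B2C; return (code, pending) or raise PermissionError."""
    pending = session.pop("oidc_pending", None)  # single use: a replayed callback fails
    if pending is None:
        raise PermissionError("no sign-in in progress")
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), pending["state"].encode()):
        raise PermissionError("state mismatch")
    if "error" in params:
        raise PermissionError("sign-in failed: " + params["error"][0])
    code = params.get("code", [""])[0]
    if not code:
        raise PermissionError("no authorization code returned")
    # The caller redeems `code` at the token endpoint of pending["policy"] and
    # checks that the id_token's nonce equals pending["nonce"].
    return code, pending
```

The `session` argument stands for whatever server-side session store the application already uses; a plain dictionary is enough to try the functions out.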

The one limitation with Azure B2C currently is the lack of support for SAML (Security Assertion Markup Language). In the medium term this is likely to change, and it’s worth considering Azure B2C for handling the security of customer-facing applications in your organisation.

The key advantages of a solution like Azure B2C are:

  • Single Sign on and Sign off
  • Industry standard security (Customer profile data is secured and maintained by Microsoft)
  • Customers can use social accounts such as Facebook, LinkedIn and Google to sign in and this functionality is maintained by Microsoft.
  • A unified and branded sign-in, registration and forgotten password experience
  • High Availability and Scalability out of the box
  • Multifactor Authentication without hassle

First published in North Starr's Starr Tech Enterprise 

Author bio

Manoj Shah
Digital Technical Consultant
Manoj is a Digital Technical Consultant

