Introduction to Azure AD B2C

Amrutha Chenna
Dec 29, 2020

In this article, we will take a brief look at Active Directory and Azure AD, and at the difference between Azure's external identity services (Azure AD B2C and Azure AD B2B). Then we will introduce Azure AD B2C and its common terminology.

ACTIVE DIRECTORY

Let’s start with the word DIRECTORY. A Directory is nothing but a folder that stores information about objects. In Active Directory, the directory is a hierarchical structure that stores information about objects on the network. Here objects refer to users, groups, computers, and printers.

Active Directory is a Microsoft technology, which is used to manage objects on a network. It allows network administrators to create and manage domains, users, and objects within a network. For example, Active Directory provides a way to organize a large number of users into groups and subgroups, while providing access control at each level.

AZURE ACTIVE DIRECTORY

Azure AD is Microsoft's enterprise cloud-based Identity and Access Management solution. It is a multi-tenant service, which means it provides identity and access management not only to home tenant users but also to users of other tenants. Its main purpose is to support the business organization by extending its identity reach to the cloud and SaaS applications.

If we already have an on-premises AD and we want those users to have access to Azure Active Directory or vice versa, we can synchronize on-premises users with Azure AD and let them access resources in both on-premises and cloud environments with a single set of credentials. This is done with Azure AD Connect, which helps us integrate on-premises AD with Azure AD.

What is the meaning of the word Azure?

Bright blue in colour like a cloudless sky. 😝

WHAT ARE B2B AND B2C

Keeping the technical stuff aside, let me tell you what these words actually mean.

B2B: B2B means Business-to-Business. Here the business sells or makes its products/services available to another business.

B2C: B2C means Business-to-Consumer. Here the business sells or makes its products/services available to all the users.

So now you have an idea of what B2B and B2C are in general. Now we will see these in Azure.

Azure AD B2B and Azure AD B2C

Azure AD B2B and Azure AD B2C are external identity services of Azure AD. They allow people outside your organization to access your apps and resources while letting them sign in using whatever identity they prefer.

Azure AD B2B: Allows external organization users to access your apps with their organization credentials.

Azure AD B2B is not a standalone service but a feature of Azure AD, and its main purpose is to authenticate external users from other organizations.

AZURE AD B2C

Azure AD B2C is a consumer identity management service for consumer-facing applications. Basically, it authenticates consumers, customers, or citizens and allows them to access the application. It lets the consumers of an application use their preferred social, enterprise, or local accounts to get access to it.

We can completely customize the user experience on every page of Azure AD B2C (sign-in, sign-up, profile editing, password reset, and multi-factor authentication). The HTML, CSS, and JavaScript can be customized so that we can maintain the same user experience as the application.

We can also add a second layer of security to the application by enabling Multi-Factor Authentication. It is highly available and can scale to hundreds of millions of customers. It can be integrated with any platform and is accessible from any device.

Let’s get familiar with a few Azure AD B2C terms:

Azure AD B2C Tenant: A tenant represents an organization and is a directory of users.

Directory: As mentioned earlier, a directory is a folder. In Azure AD B2C, the directory is where users' credentials and profile data are stored, as well as the application registrations.

Application registrations: Web, mobile, and native applications are registered with Azure AD B2C to enable identity management. We can also register APIs to protect them with Azure AD B2C.

User Flows and Custom Policies: Two different identity experiences are provided. We can use either of them, depending on the identity experience that must be provided to the customers.

  • User Flows are built-in approaches for quick configuration and to enable common identity tasks like sign up, sign in, and profile editing.
  • Custom Policies are a fully customizable approach to enable user experiences not only for the common identity tasks, but also for complex identity workflows that might be unique to an organization, customers, employees, partners, and citizens.

Identity providers: We can configure Azure AD B2C to allow users to sign in to the application using a social identity provider, an external identity provider, or a local account. If we federate with an external or social identity provider, consumers can use their existing account to sign in and access the application.

  • Social identity providers like Facebook, LinkedIn, or Twitter that you want to support in your applications.
  • External identity providers that support standard identity protocols like OAuth 2.0, OpenID Connect, and more.
  • Local accounts that enable users to sign up and sign in with a username/email address/other ID and password.

Hope this article helped you to gain high-level knowledge on Azure AD B2C.
