Presentation is loading. Please wait.

Presentation is loading. Please wait.

A lap around Azure Active Directory Business to Consumer (B2C)

Published byJoel Porter Modified over 6 years ago

Similar presentations

Presentation on theme: "A lap around Azure Active Directory Business to Consumer (B2C)"— Presentation transcript:

1 A lap around Azure Active Directory Business to Consumer (B2C)
TechEd 2013 4/18/2018 1:18 PM A lap around Azure Active Directory Business to Consumer (B2C) Rory Braybrook Girisha Arora @rbrayb @GirishaArora © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Azure Active Directory B2C helps you to guard your external users in an ever evolving threat landscape

3 Contents Overview Policies OAuth Graph Explorer User types Fit?
Pros / cons

4 Overview

5 What’s the use case Self-registration SSPR
External users Self-registration SSPR Local account or social to login Modern authentication standards (OIDC / OAuth2) Scales out-of-the-box MFA SSO

6 Roll your own Cost Tons of code to write for I & AM
TechEd 2013 4/18/2018 1:18 PM Roll your own Cost Tons of code to write for I & AM Sign in, sign up, forgotten user names and passwords. Sign in with social networks, with MFA Lot of resources to spend that are not working on the core function of your app © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Roll your own Scalability
TechEd 2013 4/18/2018 1:18 PM Roll your own Scalability Your identity system has to be available 24/7 and it has to scale High Availability © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 TechEd 2013 4/18/2018 1:18 PM Roll your own Security If you have a list of names and passwords in your app, you’re a target Many people use the same username and password with multiple apps © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Current state Still in preview – GA “shortly”
Officially called “B2C Basic” Still in preview – GA “shortly” Will also have B2C Premium – no details to date

10 Creating a B2C tenant

11 Policies

12 Policies Sign-up Sign-in Sign-up or sign-in Profile editing
TechEd 2013 4/18/2018 1:18 PM Policies Sign-up Sign-in Sign-up or sign-in Profile editing Password reset © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 Map policies Applications Identity Providers User Attributes
TechEd 2013 4/18/2018 1:18 PM Map policies Applications Identity Providers User Attributes © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 Sign-up / Identity Providers
TechEd 2013 4/18/2018 1:18 PM Sign-up / Identity Providers Local accounts – typically not Facebook Google Amazon LinkedIn MSA © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 Sign–up / in: Local & Facebook
Edit attributes B & C Application A Attributes A, B, C & D

16 Sign–up / in: Local & Google
Edit attributes Y & Z Application B Attributes W, X, Y & Z

17 OIDC / OAuth 2.0

18 TechEd 2013 4/18/2018 1:18 PM Extended Oauth 2.0 GET ?p=b2c_1_sign-in- &client_id=6b6…d1e6f9f2 &redirect_uri= &response_mode=form_post &response_type=id_token &scope=openid &… © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 Demo Walk-through

20 “Easy auth”

21 Configure

22 Internal tenant details

23 Demo Personalisation

24 Graph Explorer

25 Internal tenant details

26 JSON attributes

27 B2C user types

28 Add a user from the portal (Admin)

29 Using Business to Business (B2B)

30 B2B invitation

31 User formats

32 Sign-up via an application to access it

33 Where does B2C fit?

34 Extending B2C And ADFS 4.0?

35 Pricing

36 Authentications/month
Pricing Stored user/month Price First 50,000 Free Next 950,000 $ Authentications/month Price First 50,000 Free Next 950,000 $ MFA Price All $ per authentication For the first 100,000 users, this is NZ$82 / month plus NZ$209 / month = NZ$291 / month. For subsequent slots of 100,000 users, this is NZ$164 / month plus NZ$418 / month = NZ$582 / month.

37 Summary

38 Pros Cons External user capability OOTB Minimum help desk involvement
Page look and feel can be customised Customised reset password Don’t have to roll your own (security!) SSO Cons No WS-Fed / SAML 2.0 support No SaaS integration Not a “normal” AAD tenant Extended OAuth2 No AD Connect Can’t add other social providers

39 Remember! BUT You can add users from other tenants for admin. purposes
The best way to think about B2C is that only those users that signed up using B2C in the first place are the ones that can sign in to an application using it.

40 4/18/2018 1:18 PM “Azure Active Directory B2C helps us bring the stadium closer to our 450 million fans around the globe with simplified registration and login through social accounts, like Facebook, or traditional username/passwords login.” RAFAEL DE LOS SANTOS HEAD OF DIGITAL REAL MADRID Provided a seamless experience across mobile applications on any platform Built a fully customized login page without custom code Alleviated concerns about security, data breaches, and scalability © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

41 It’s a wrap

42 Azure Active Directory B2C helps you to guard your external users in an ever evolving threat landscape

43 Resources Azure AD B2C - Azure AD B2C limitations - NET Web App sample - Easy Auth - Graph Explorer - .Graph Explorer (new) -

44 The end But feel free to ask questions

Download ppt "A lap around Azure Active Directory Business to Consumer (B2C)"

Similar presentations

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Feature: Identity Management - Login © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

Feature: Identity Management - Login © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.
Building Scalable Web Apps with Windows Azure Name Title Microsoft Corporation.

Building Scalable Web Apps with Windows Azure Name Title Microsoft Corporation.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
MIX 09 4/15/2017 11:14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

MIX 09 4/15/ :14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
www.sitemasher.com Multitenant Model Request/Response General Model.

Multitenant Model Request/Response General Model.
Session 1.

Session 1.
Built by Developers for Developers…. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.

Built by Developers for Developers…. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
Feature: Assign an Item to Multiple Sites © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.

Feature: Assign an Item to Multiple Sites © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
Windows 8 (1) (2) (3) Windows 8 (1) (2) (3)

Windows 8 (1) (2) (3) Windows 8 (1) (2) (3)
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Connect with life www.connectwithlife.co.in. Connect with life www.connectwithlife.co.in.

Connect with life Connect with life
Windows Azure Connect Name Title Microsoft Corporation.

Windows Azure Connect Name Title Microsoft Corporation.
NEXT: Overview – Sharing skills & code.

NEXT: Overview – Sharing skills & code.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
Feature: Customer Combiner and Modifier © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.

Feature: Customer Combiner and Modifier © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.
demo Instance AInstance B Read “7” Write “8”

demo Instance AInstance B Read “7” Write “8”

Similar presentations

Ads by Google