Recently I was at a customer where we needed to have clients authenticate to the web app they created for their service. We looked at several options, and Azure B2C seemed to be the best fit for it. Of course, when configuring this, I ran into all sorts of issues 🙂 This is the first post to get you underway. In one or more follow-up posts, I’ll discuss further configuration possibilities and use cases for Azure B2C.
What is Azure AD B2C and why should you care
Borrowed this from Microsoft as they can explain it better than I can (in this case ;-)):
Azure Active Directory B2C provides business-to-customer identity as a service. Your customers use their preferred social, enterprise, or local account identities to get single sign-on access to your applications and APIs.
Azure AD B2C is a Customer Identity Access Management (CIAM) solution capable of supporting millions of users and billions of authentications per day. It takes care of the scaling and safety of the authentication platform, monitoring, and automatically handling threats like denial-of-service, password spray, or brute force attacks.
Azure AD B2C is a separate service from Azure Active Directory. It is built on the same technology as Azure AD but for a different purpose. It allows businesses to build customer-facing applications and then allow anyone to sign up for those applications, with no restrictions on the user account. For example, you can connect Azure B2C to your WordPress instance so users can sign up to the website with existing authentication providers (e.g. Facebook) to post comments.
How to configure B2C
First off, go to the Azure portal and click on new:
In the search bar, type Azure AD B2C and select ‘Azure Active Directory B2C’, created by Microsoft.
After selecting Azure AD B2C, click on Create to create the B2C tenant.
The B2C tenant will be provisioned, but in my case I got this error:
The subscription is not registered to use namespace ‘Microsoft.AzureActiveDirectory’
This error occurs because creating extra Azure Active Directories is not enabled (registered) on the subscription you want to configure this B2C tenant on. To fix this, go to the subscription page.
Click on the subscription and navigate to the resource providers pane. In the filter-by-name box, type Active Directory.
You will see that the Microsoft.AzureActiveDirectory status is not registered (enabled), so click on Register.
The status will change from NotRegistered to Registering, and after a while it will change to Registered.
After that, redo the steps from the beginning of the blog and you will see that the B2C tenant is created.
If you then go to the B2C tenants pane of the Azure portal, you will see that your new B2C tenant is created.
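The resource provider registration described above can also be done from the Azure CLI. The script below is an added example, not part of the original post: it checks the state of Microsoft.AzureActiveDirectory, registers it if needed, and polls until the state reaches Registered. The function names and the SUBSCRIPTION_ID variable are assumptions made for this example; it expects a logged-in `az` session.

```shell
#!/bin/sh
# Added example: CLI equivalent of the portal steps for registering the provider.
NAMESPACE="Microsoft.AzureActiveDirectory"   # namespace named in the error message

# Print the provider's registration state for subscription $1.
provider_state() {
    az provider show --namespace "$NAMESPACE" --subscription "$1" \
        --query registrationState --output tsv
}

# Register the provider if needed, then poll until it reports Registered.
# $1 = subscription id, $2 = max polls (default 30), $3 = seconds between polls (default 10)
# Returns 0 when Registered, 1 on timeout, 2 if an az call fails.
ensure_provider_registered() {
    sub="$1"; tries="${2:-30}"; delay="${3:-10}"
    state="$(provider_state "$sub")" || return 2
    if [ "$state" = "Registered" ]; then
        echo "$NAMESPACE already registered"
        return 0
    fi
    echo "$NAMESPACE is $state, registering..."
    az provider register --namespace "$NAMESPACE" --subscription "$sub" || return 2
    while [ "$tries" -gt 0 ]; do
        state="$(provider_state "$sub")" || return 2
        echo "state: $state"          # NotRegistered -> Registering -> Registered
        [ "$state" = "Registered" ] && return 0
        tries=$((tries - 1))
        sleep "$delay"
    done
    echo "timed out waiting for $NAMESPACE (last state: $state)" >&2
    return 1
}

# Runs only when SUBSCRIPTION_ID (assumed variable name) is set in the environment.
if [ -n "${SUBSCRIPTION_ID:-}" ]; then
    ensure_provider_registered "$SUBSCRIPTION_ID"
fi
```

Once the function returns 0, the B2C tenant creation steps can be repeated in the portal.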