Providing a secure, reliable and highly available authentication solution is a crucial part of developing any modern application. This time-consuming and relatively expensive process can now be delegated to a cloud provider: introducing Azure AD B2C.
What is Azure AD B2C?
Azure Active Directory B2C provides identity as a service. It enables your customers to use their preferred social or enterprise account to log in to your application.
Azure AD B2C is responsible for scaling to support millions of users and billions of authentications daily, safety of an authentication platform, monitoring and automatic threats handling.
Azure AD B2C vs Azure AD vs Azure AD B2B
Those three technologies can be easily confused because of the similarity in the naming. All of Azure AD solutions are built using similar technologies, however they are designed to serve different purposes.
- Azure AD is an identity provider for an organization. It allows access control to the organization’s cloud resources.
- Azure AD B2B (also called External Identities) allows inviting external users to the organization to provide them access to some part of an organization’s cloud resources.
- Azure AD B2C allows every user to create an account that allows access to the web application or a mobile app. It does not provide any access to the organization’s cloud resources.
What is Azure AD B2C designed for?
Azure Active Directory B2C is used by businesses who wish to authenticate end users using a managed, white-labeled platform.
It is designed to be used by IT administrators and developers to make app development process faster and outsource tedious and expensive maintenance tasks to an external service.
Azure AD B2C integrations
Azure Active Directory B2C integrates your application with social, email, or local accounts.
It supports by i.a.:
- Facebook account
- Twitter account
- Microsoft account
- Google account
- Apple ID
- LinkedIn account
- GitHub account
- along with any SAML or OIDC providers
Why choose Azure AD B2C?
Azure Active Directory B2C is a feature rich platform that allows the business to implement a lot of features quickly and easily, without having to account for future maintenance, development, updating and re-working the integrations after 3rd party API update.
Azure AD B2C enables:
- Signing in with 20+ identity providers
- Storing over 100 attributes for every user
- Login screen white-labeling
- Progressive profiling (easily create an account and ask for more details later)
- Defining business logic after signing-in with user flows and user policies
- Identity verification
- Trust assessment
- Automatically monitoring and threat handling
Azure AD B2C alternatives
Azure AD B2C is Microsoft’s identity provider, built-in and deeply integrated with Microsoft Azure Cloud. It is a clear winner if the rest of resources are in Azure Cloud.
All of the major cloud providers have a corresponding solution in their portfolio: the equivalent solution from Amazon is AWS Cognito and Google uses GCP Identity Platform.
What’s next?
The first step to use Azure Active Directory B2C is the app registration. Azure AD B2C is a free service for applications that have less than 50,000 active users monthly (some advanced features might incur additional costs). It comes in different tiers with different pricing and capabilities.
At iteo we have extensive experience in providing cloud-based services for our customers. Azure AD B2C quickly became one of the most commonly used integrations, as it is beneficial for every step of an app development: it shortens the development time, reduces the development costs while providing increased security and stability.
It is highly appreciated by iteo developers for covering the tedious part of application development: instead of reinventing the wheel, developers can focus on creating unique features and then just integrate their work with a time-proven and reliable B2C engine.
Azure AD B2C is also valued by our customers for its PAYG (pay-as-you-go) pricing model.
iteo can help you with virtually every aspect of moving your existing application to the cloud or reworking it to be cloud-native.
