First published on CloudBlogs on Nov 02, 2015
Howdy folks,

Twitter traffic, blog post visits and overall customer interest in Azure Active Directory B2C have been huge so far, greatly exceeding our expectations! Amazingly, we already have customers working with us that together represent over 1B consumer identities. And these customers are all on track to go live with the service in the next 120 days.

Given the level of demand here, I thought you might be interested in a deep dive into Azure AD B2C, our policy-based architecture and our new Identity Experience Engine. To do that, I've asked Kim Cameron, one of our distinguished engineers, to walk you through our architecture and how it's unique in the market.

For most of you, Kim doesn't need an introduction. He's been a long-time thought leader in the identity industry and his Seven Laws of Identity is considered by many to be the seminal document for modern digital identity. Kim has been the key thought leader behind our B2C work and I'm excited to have him share his insights with you.

You'll find Kim's blog post below. And as always, we'd love to get any feedback or suggestions you have!

Best regards,
Alex Simons (Twitter: @Alex_A_Simons)
Director of Program Management
Microsoft Identity Division

-------------------------------------

Hello, Kim Cameron here!

Last month Stuart Kwan wrote a great intro to our new Azure Active Directory B2C service and showed people how to start using it. As he explained, "Once you have a B2C tenant, you register applications and configure policies which drive the behavior of sign in, sign up, and other user experiences. Policies are the secret sauce of Azure AD B2C." He gave step-by-step instructions and showed examples like this one of using the B2C Admin Portal to configure a policy based on social network providers:
- The set of HTML and CSS pages that are scrubbed for security compliance (e.g. cross-site scripting vulnerabilities) and then presented to users
- User journeys – the visual experiences through which the customer progresses in a given policy
- Identity providers (for example the social networks, ISVs, and enterprise or national IdPs that can be used to establish identity)
- Relying parties who can use the policy
- Authentication requirements, including multifactor orchestration
- Integration with claims verifiers (hosted within an enterprise or provided by external partners)
- Shared schema and mappings to participants (different systems name things differently)
- Claims transformations and data minimization (hashing and/or transformation of attributes revealing PII into non-identifying demographic attributes)
- Blinding and encryption
- Claims storage
- Web Service calls and workflow initiation
- Protocol Conversion (SAML, OAuth2, and OpenID Connect)
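
The "claims transformations and data minimization" item in the list above, shown as an added Python example (not code from the original post and not how Azure AD B2C implements it): raw identity-provider claims are reduced to a keyed-hash pairwise subject and a coarse age band before release to a relying party. The function names, the key, the age bands and the sample claims are all assumptions constructed for illustration.

```python
import hashlib
import hmac
from datetime import date

# Constructed sample key; a real deployment would hold a per-tenant secret elsewhere.
PAIRWISE_KEY = b"constructed-demo-key-not-a-real-secret"

AGE_BANDS = [(0, 17, "under-18"), (18, 24, "18-24"), (25, 34, "25-34"),
             (35, 49, "35-49"), (50, 64, "50-64"), (65, 200, "65+")]


def pairwise_subject(user_id: str, relying_party: str, key: bytes = PAIRWISE_KEY) -> str:
    """Keyed hash of (relying party, user id): stable per RP, unlinkable across RPs."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(len(p).to_bytes(4, "big") + p
                   for p in (relying_party.encode(), user_id.encode()))
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def age_band(birth_date: date, today: date) -> str:
    """Replace an exact date of birth with a coarse demographic band."""
    if birth_date > today:
        raise ValueError("birth date is in the future")
    had_birthday = (today.month, today.day) >= (birth_date.month, birth_date.day)
    age = today.year - birth_date.year - (0 if had_birthday else 1)
    for low, high, label in AGE_BANDS:
        if low <= age <= high:
            return label
    raise ValueError("age out of range")


def minimize_claims(raw: dict, relying_party: str, today: date) -> dict:
    """Build the outgoing claims from an allow-list; raw PII is never copied through."""
    return {
        "sub": pairwise_subject(raw["user_id"], relying_party),
        "age_band": age_band(date.fromisoformat(raw["birth_date"]), today),
        "country": raw["country"],
    }


# Constructed input claims, shaped like what an identity provider might return.
SAMPLE = {"user_id": "u-1001", "email": "pat@example.com",
          "birth_date": "1990-11-03", "country": "CA"}

if __name__ == "__main__":
    print(minimize_claims(SAMPLE, "https://shop.example", date(2015, 11, 2)))
```

A plain unkeyed hash of a low-entropy attribute such as an email address can be reversed by guessing, which is why the identifier here is an HMAC under a secret key and is scoped to the relying party.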
Published Sep 07, 2018
Version 1.0
Alex Simons (AZURE)