Hi Alex,
Looking forward to being even more Ignite'd, and it's excellent to see even more of the B2C functionality moving into the main tenant through external identities. In B2C I have utilized the I(dentity)E(xperience)F(ramework) to use other external IDPs as yet another MFA factor. I just love the flexibility of extending the user journeys, making it possible to do a lot more and also handling different external claims, migration and REST calls. The callback concepts through the idp_access_token extend the possibilities even further. With also more future-oriented possibilities to do even greater conditional access concepts in the clouds, this journey has just started...
I have also tried out some concepts where you have one cloud identity to many different IDPs, going from a static to a more dynamic concept where you can be in a privileged role just when you need to: the shortest time, similar to the PIM-based concepts. I have also addressed some new concepts to pass the access token more securely through an authentication chain or do a more structured logout concept. Just amazing what you can do in future-oriented proper clouds…
Best regards
MrSmith
Can'tWaitToSeeWhatYourTeamWillShowDuringIgnite