Forum Discussion

SRAJAKUMARM365AZURE's avatar
SRAJAKUMARM365AZURE
Copper Contributor
Jan 31, 2024

Where we should create Azure AD B2C tenant in an Azure Landing Zone Architecture?

Could you please provide your recommendations for placing an Azure AD B2C tenant for an application in an Azure Landing Zone Architecture?

 

Thanks,

  • keenanbrooks's avatar
    keenanbrooks
    Brass Contributor

    Azure AD B2C is Business 2 Consumer, so I am guessing you essentially will have a public facing website for customers to login to? If that's the case, you should make a DMZ subscription with internet traffic coming in via an app-gateway + waf. That's my opinion! The dmz vnet will be peered with the hub/connectivity vnet for management etc.

    If I am correct in thinking it's for customers, then you setup the Azure AD B2C tenant & create an app registration and user flows for auth. This parts not really my strong point but this should help as a react example:
    https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-authentication-sample-react-spa-app#31-configure-the-react-sample

    It doesn't really matter where you create the Azure AD B2C tenant though... Think of it exactly like Entra ID.



Resources