Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Using Azure Active Directory B2C just got easier
Published Nov 05 2018 09:00 AM 15.3K Views

Howdy folks,

 

We know how much you care about getting the experience right for your organization and customers. And we hear from customers all the time about their challenges getting setup with Azure Active Directory (Azure AD) B2C. Today, I am excited to announce improvements to Azure AD B2C that make it easier for you to get started, as well as new customized solutions for Azure AD B2C and your apps.

 

First, we updated the Azure AD B2C developer training guide and added bunch of new solutions to help with some common business challenges. Second, we gave the Azure AD B2C portal UI a facelift to streamline the management experience and make it much more user friendly.  Read on for all the details.

 

New solutions for Azure AD B2C

 

Our customer and partner research tell us that there are common business scenarios that everyone needs to address, so we’ve started building out some end-to-end solutions guides.

 

Here are three common scenarios and the solution guides now available:

 

  1. If you have a business need to collaborate with partners and connect with customers and aren’t sure whether to start with B2B or B2C, see this solution guide: Enabling partners, Suppliers, and Customers to Access Applications with Azure AD
  2. If you are building your first app for Azure AD B2C and need to create a migration plan from your legacy authentication solution, see this solution guide: Migrating Application Authentication to Azure AD B2C in a Hybrid Environment
  3. If your business complies with General Data Protection Regulations (GDPR) and you need to know how B2C supports your approach, see this solution guide: General Data Protection Regulation (GDPR) Considerations for Customer Facing Applications

 

New and improved portal experience

 

We made improvements to three major parts of the Azure AD B2C management experience: the welcome experience, creating user flows, and editing user flows.

 

Updated Overview blade

 

The first change you’ll notice is the new Overview blade, which is now more actionable for new users. The cards at the top of the page help guide users through creating an application, setting up an identity provider, and getting their first user flow up and running. We added a section with links to documentation for common scenarios. In addition, the What’s New section provides updates on new features.

 

New and improved Azure AD B2C Overview blade.New and improved Azure AD B2C Overview blade.

New options to create user flows

 

Based on customer feedback about creating user flows, we learned that term “policies” has been confusing for some users. So, we no longer use the term “built-in policies” and instead use the term “user flow” to make things clearer. If you use Custom Policies and the Identity Experience Framework, you won’t see any changes in terminology.

 

New user experience for selecting user flow type.New user experience for selecting user flow type.

We also simplified the left side navigation menu by adding a single entry point to access all your user flows. Going forward, we plan to release new, more capable user flow types—some of which you can see in the Preview tab already.

 

New options for creating a sign up and sign in user flow.New options for creating a sign up and sign in user flow.

After selecting a type, the new user flow creation is now a single blade experience. We simplified the items to reflect the most basic setup, simply choose a name, select identity providers to use, select the user attributes collected, and choose if it has Multi-Factor Authentication. From here you can run your user flow or dig in to more advanced settings.

 

User flow overview once it has been created.User flow overview once it has been created.

Updates to editing a user flow

 

While editing your user flow, you now get closer to full screen real estate with room for more information about your user flow. Here you can see the new user flow overview that gives you a snapshot of your user flow’s current state.

 

Editing Page layouts in a user flow and running it.Editing Page layouts in a user flow and running it.

Finally for customization workflows, we streamlined the processes by maximizing the use of the screen’s real estate. In the Page layouts experience, you can now modify anything about your page without having to drill down into different blades. To streamline further, we put the Run user flow option on every single blade inside of user flow editing to allow you to test your changes as you make them. 

 

The team is super excited to have you try out these new changes and is hard at work improving the rest of the experience. Let us know what you think using the feedback buttons at the top of the Azure portal, by emailing us at: aadb2cpreview@microsoft.com, or leaving us a comment below. As always, we’d love to hear any feedback or suggestions you have. 

 

Best regards, 

Alex Simons (Twitter: @alex_a_simons

Corporate VP of Program Management 

Microsoft Identity Division

3 Comments
Copper Contributor

 

Are there an HTML version of the links provided on this article below available publicly? If not, are they still relevant to B2C?

 

developer training guide

Migrating Application Authentication to Azure AD B2C in a Hybrid Environment

Copper Contributor

There are two significant hurdles developers have to go through when implementing B2C - role-based authorization, and automated testing. 

 

The role-based authorization challenge is especially frustrating since we have to use the MS Graph API - in a separate process if I'm understanding the documentation correctly - if we want to do anything with the AD tenant itself. So what's our alternative? Andreas Helland compiled a great two-part article detailing instructions on how to add a drop-down box to the signup/sign-in screen, but that also involved a lot of custom user flow, where it seems like simply having a drop-down list option for claims, and/or having the ability to assign a claim based on policy used (i.e. "if they signed in here, there is a "userType" claim with the value "x") would be sufficient. 

 

The other challenge around automated testing looks like it's handled here with resource owner credentials so maybe it's already there; I'll be honest, I haven't gotten around to implementing this yet on my project, but I've seen a lot of StackOverflow questions about it, so hopefully I can just use this feature and not have to worry about it. 

 

OpenIdConnect has a lot of moving pieces to it, and there is likely a lot of functionality within AD B2C that a lot of us aren't picking up on because it is assumed we're intimate with the OpenIdConnect inner workings. The examples have been very helpful, so at the very least, please keep those coming (and up to date!).

Copper Contributor

Alex,

  Thanks for sharing and this is a great start.. I believe these documentation will enable partners and customers alike to utilize the B2C solution effectively.

 

Thanks

Satish

Version history
Last update:
‎Jul 24 2020 01:50 AM
Updated by: