Microsoft Azure

Azure AD Now Supports Facebook and Google Logins, Microsoft Accounts Coming Soon

Microsoft is putting identity management at the center of its security strategy, and as part of this ongoing program has announced the availability of the Azure AD B2C service, which will allow businesses to authenticate users via pre-existing Facebook and Google logins, and in the near future Microsoft accounts too.

Azure AD B2C is an enterprise grade cloud service that supports authentication using popular consumer identity services, saving businesses the expense of separately creating and managing identities for customers that want to connect to its services.

Azure AD B2C tenants

Businesses can create one or more Azure AD (AAD) B2C tenants, which differ from standard AAD tenants in that users cannot see each other in the address book. Once created, applications can be registered in the tenant, social network providers added, and policies created to determine the various sign up, sign in and identity management processes. Applications can use OAuth 2.0 or OpenID Connect to request user identity information, and Microsoft’s servers handle passwords and run anomaly detection checks.

When creating a sign-up policy, you can specify the attributes that should be populated, i.e. the information you want to collect from users, the identity providers permitted, which can include self-asserted email signup, and finally Application Claims are set in the policy to determine what attributes are sent to applications.

Sponsored Content

What is “Inside Microsoft Teams”?

“Inside Microsoft Teams” is a webcast series, now in Season 4 for IT pros hosted by Microsoft Product Manager, Stephen Rose. Stephen & his guests comprised of customers, partners, and real-world experts share best practices of planning, deploying, adopting, managing, and securing Teams. You can watch any episode at your convenience, find resources, blogs, reviews of accessories certified for Teams, bonus clips, and information regarding upcoming live broadcasts. Our next episode, “Polaris Inc., and Microsoft Teams- Reinventing how we work and play” will be airing on Oct. 28th from 10-11am PST.

Multi-factor authentication is optional, requiring users to verify a code sent to their mobiles. Finally, the end-user experience can be customized by specifying the HTML and CSS that B2C will use to render the final pages, but if you don’t want to do this, you can opt to use the default templates provided.

Pricing and roadmap

Microsoft says that pricing will be announced closer to general availability, but there will be a free tier for the first 50,000 identities, and then on a pay-as-you-go basis will depend on the number of users in the directory, quantity of authentications, and quantity of multi-factor authentications.

There are lots of plans for Azure AD B2C, not all of which Microsoft has yet revealed, but currently comprise of improving the UI customization options — including enabling JavaScript — additional language support, the ability to control the lifetime of Access Tokens, ID Tokens, and Refresh Tokens, support for additional identity and custom identity providers, and the option to run reports that quickly give an activity overview.

 

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.
External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: