No video
How to provide access to application for different types of users with Azure AD and Azure AD B2C
Рет қаралды 5,760
Күн бұрынThis video presents how to provide access to the ASP .NET Core web application for different types of users using Azure Active Directory and Azure Active Directory B2C identity services available in the Azure cloud.
Helpful links:
Azure AD federation with Azure AD B2C:
docs.microsoft...
Microsoft identity platform documentation:
docs.microsoft...
Identity Developer Templates GitHub repository:
github.com/Dan...
@krzysztofknapik4589 4 жыл бұрын
very nice walk through. Thanks
@TechMindFactory 4 жыл бұрын
Thank you, I am glad that you enjoyed it!
@tomaszgosciminski5026 4 жыл бұрын
Superb!
@TechMindFactory 4 жыл бұрын
Thank you!
@vaddiparthivenkatamuralikr8334 3 жыл бұрын
Thanks for sharing good info
@TechMindFactory 3 жыл бұрын
Thank you!
@brijeshmuliya4679 11 ай бұрын
Nice one, also I am trying to do one thing like .. For some users I don't want to enforce MFA and for some Users I want to only enforce specific method of MFA, can we do this in B2C? I have tried creating groups and all but can not add group into another group as member. I can create conditional access for some users to exclude from MFA but can not find proper workaround to enforce specific method of MFA on particular group of users.
@TechMindFactory 11 ай бұрын
Thank you! When it comes to your question. Yes, this is possible but you will have to also leverage your custom API and database. What you could try to do is to keep information about MFA methods for specific users (identified by objectID from the AD B2C) in the database. During the authentication, you could call your API and basing on the response you should implement sub-journey for MFA method. This could also work with Conditional Access.
@josefrancis3101 2 жыл бұрын
Good video, BTW Is it possible to use Azure AD B2C and do authentication on-premises using Azure AD(IDP) backed by AD Connect (Pass-through authentication and seamless single sign-on) on top of existing on-prem Active Directory?
@TechMindFactory Жыл бұрын
Thank you. When it comes to on-premises authentication. You can federate Azure AD B2C tenant with your Azure AD, here is example: learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-azure-ad-single-tenant?pivots=b2c-custom-policy Once you do it, once you click the button, you will be redirected to your Azure AD login page. If you have Pass-through authentication configured, you should be able to sign in and then be redirected to the Azure AD B2C.
@arqammalik4924 8 ай бұрын
Hi can you please guide me how can i do SiginType as a "UserPrincipleName" i have a c# code to perform bulk create but when i try with signinType "userPrincipleName" it throws null reference error please guide
@TechMindFactory 8 ай бұрын
If I understood correctly, you would like to create Azure AD B2C users using Microsoft Graph API and C#. Please take a look here: learn.microsoft.com/en-us/graph/api/user-post-users?view=graph-rest-1.0&tabs=csharp#example-1-create-a-user
@pedrolins2499 2 жыл бұрын
Did not explain everything correct. What is the redirect url? what is the tenant do i have to use b2c or ad?
@saurabhazure3693 3 жыл бұрын
Can we expose AZURE AD API to B2C users without using client credential flow .. I mean API/Webapp is registered in Azure AD(B2B) and access should be given to B2C users
@TechMindFactory Жыл бұрын
No, it is not possible currently in the Azure AD B2C. It is available only in the standard Azure AD for now. If you want to access all users profiles in the Azure AD B2C tenant, you have to use client credentials flow.
@nasirsinani5089 2 жыл бұрын
What about authorizing third-party user for just one specified endpoint for our API? What is the approach of B2C in this situation?
@TechMindFactory 2 жыл бұрын
In this case you have to handle authorization in your API. When user tries to access one of the endpoints, you should verify if this specific user has sufficient permissions. In general when it comes to authorization, the recommended approach is to implement authorization in the application. Azure AD B2C is service which handles used authentication, not authorization. In scenario where you would like to verify if user is authorized to access specific endpoint you should implement additional layer in your API. In the ASP .NET Core for instance you could either use Policies or you could add custom middleware which verifies whether specific user has the sufficient permissions to access specific endpoint.
@nasirsinani5089 2 жыл бұрын
@@TechMindFactory Thank you for your reply. Is it possible to also share an example? Thank you in advance
@Drizzzzy Жыл бұрын
How Azure AD create " tokens " for user authentication? Can anyone explain me ....
@malwaauliya7183 3 жыл бұрын
is the user from azure ad tenant registered to azure ad b2c tenant?
@TechMindFactory 2 жыл бұрын
Yes, there is user record created in the Azure AD B2C with information that this specific user used Azure AD to sign in. User account is created without the password of course.
Tech Mind Factory
Рет қаралды 2,3 М.
Tech Mind Factory
Рет қаралды 9 М.