Azure Active Directory B2C

  • Author: Ronald Fung

  • Creation Date: May 9, 2023

  • Next Modified Date: May 9, 2024

A. Introduction

Azure Active Directory B2C (Azure AD B2C) is a customer identity access management (CIAM) solution that enables you to sign up and sign in your customers into your apps and APIs. Your customers use their preferred social, enterprise, or local account identities to get single sign-on access to your applications. Learn how to use Azure AD B2C with our guide, tutorials, and code samples.

B. How is it used at Seagen

As a biopharma research company using Microsoft Azure, you can use Azure Active Directory B2C (Azure AD B2C) to provide authentication and identity management for your customer-facing applications. Here are some ways you can use Azure AD B2C:

  1. Identity management: Azure AD B2C provides identity management capabilities that allow you to manage user accounts and profiles. You can customize the user sign-up and sign-in experience and enable self-service password reset.

  2. Social identity providers: Azure AD B2C allows users to sign in to your applications using their social identities, such as Facebook, Google, and LinkedIn. This can help to simplify the sign-in process and improve user experience.

  3. Custom policies: Azure AD B2C provides the ability to create custom policies for authentication and authorization. You can define policies that meet your specific business requirements and integrate with your existing applications.

  4. Multi-factor authentication: Azure AD B2C supports multi-factor authentication, which provides an additional layer of security for user authentication. You can require users to provide a second form of authentication, such as a text message or phone call, in addition to their password.

  5. Custom branding: Azure AD B2C allows you to customize the branding of your sign-up and sign-in pages. You can add your company logo, colors, and other branding elements to provide a consistent experience for your users.

Overall, Azure AD B2C can help your biopharma research company provide authentication and identity management for your customer-facing applications. With identity management, social identity providers, custom policies, multi-factor authentication, and custom branding, Azure AD B2C can help you improve user experience and enhance the security of your applications.

C. Features

Azure Active Directory B2C (Azure AD B2C) is a cloud-based identity and access management service designed for customer-facing applications. It provides a range of features that can help your organization to manage authentication and authorization for your customers. Here are some of the key features of Azure AD B2C:

  1. Customizable sign-up and sign-in experiences: Azure AD B2C allows you to create customized sign-up and sign-in experiences for your customers. You can add your own branding, logos, and images to the user interface, and you can choose which identity providers to support, including social identities, enterprise identities, and local accounts.

  2. Multi-factor authentication: Azure AD B2C supports multi-factor authentication, which can help you to increase the security of your customer accounts. You can require users to provide a second factor of authentication, such as a phone number, email address, or biometric data, in addition to a password.

  3. Identity management: Azure AD B2C provides identity management features that allow you to manage user accounts, profiles, and attributes. You can customize the user sign-up process, enable self-service password reset, and manage user data in a central location.

  4. Custom policies: Azure AD B2C allows you to create custom policies that define the behavior of your customer-facing applications. You can use these policies to specify the authentication requirements, authorization rules, and access control policies for your applications.

  5. Social identity integration: Azure AD B2C provides integration with social identity providers such as Facebook, Google, and LinkedIn. This allows your customers to use their existing social media accounts to sign in to your applications, which can help to simplify the sign-in process and improve user experience.

  6. Custom API integration: Azure AD B2C allows you to integrate your customer-facing applications with custom APIs and web services. This can help you to extend the functionality of your applications and provide a more seamless user experience.

Overall, Azure AD B2C provides a range of features that can help your organization to manage authentication and authorization for your customers. With customizable sign-up and sign-in experiences, multi-factor authentication, identity management, custom policies, social identity integration, and custom API integration, Azure AD B2C can help you to provide a secure and seamless experience for your customers.

D. Where implemented

E. How it is tested

<<<<<<< HEAD

  • Create a test user in your Azure B2C directory using the Azure portal.

  • Create a test application that uses Azure B2C for authentication and authorization.

  • Configure the test application to use the test user you created in step 1.

  • Test the authentication and authorization process by logging in to the test application using the test user’s credentials.

  • Verify that the test application is able to retrieve and use the user’s profile information from Azure B2C.

  • Test the sign-out process to ensure that the user’s session is properly terminated.

  • Test various scenarios, such as incorrect passwords, expired tokens, and invalid requests, to ensure that the Azure B2C service is handling errors properly. ======= Testing Azure Active Directory B2C involves ensuring that the identity and access management service is functioning correctly, securely, and meeting the needs of all stakeholders involved in the project. Here are some steps to follow to test Azure Active Directory B2C:

  1. Define the scope and requirements: Define the scope of the project and the requirements of all stakeholders involved in the project. This will help ensure that Azure Active Directory B2C is designed to meet the needs of all stakeholders.

  2. Develop test cases: Develop test cases that cover all aspects of Azure Active Directory B2C functionality, including user registration, sign-in, and password reset. The test cases should be designed to meet the needs of the organization, including scalability and resilience.

  3. Conduct unit testing: Test the individual components of Azure Active Directory B2C to ensure that they are functioning correctly. This may involve using tools like PowerShell or Azure CLI for automated testing.

  4. Conduct integration testing: Test Azure Active Directory B2C in an integrated environment to ensure that it works correctly with other systems and applications. This may involve testing Azure Active Directory B2C with different operating systems, browsers, and devices.

  5. Conduct user acceptance testing: Test Azure Active Directory B2C with end-users to ensure that it meets their needs and is easy to use. This may involve conducting surveys, interviews, or focus groups to gather feedback from users.

  6. Automate testing: Automate testing of Azure Active Directory B2C to ensure that it is functioning correctly and meeting the needs of all stakeholders. This may involve using tools like Azure DevOps to set up automated testing pipelines.

  7. Monitor performance: Monitor the performance of Azure Active Directory B2C in production to ensure that it is meeting the needs of all stakeholders. This may involve setting up monitoring tools, such as Azure Monitor, to track usage and identify performance issues.

  8. Address issues: Address any issues that are identified during testing and make necessary changes to ensure that Azure Active Directory B2C is functioning correctly and meeting the needs of all stakeholders.

By following these steps, you can ensure that Azure Active Directory B2C is tested thoroughly and meets the needs of all stakeholders involved in the project. This can help improve the quality of Azure Active Directory B2C and ensure that it functions correctly in a production environment.

41276a5d39d164c69eba627f2d32b96c34fc1d7d

F. 2023 Roadmap

  • Extend use to GitHub members who are not at Seagen

  • Extend use to be powered by the Saviynt API

G. 2024 Roadmap

  • Integrate with other providers and companies

H. Known Issues

<<<<<<< HEAD

  • Seagen currently locks down the B2C ecosystem and does not use it to actually federate with their Seagen Corp. The boundary is a challenge because it prohibits people from authenticating properly with OAuth. The IAM team needs to resolve this. ======= There are several known issues that can impact Azure Active Directory B2C. Here are some of the most common issues to be aware of:

  1. Configuration issues: Configuration issues can arise when setting up Azure Active Directory B2C. It is important to ensure that all configurations are set up correctly to avoid issues with authentication and access management.

  2. Performance issues: If the system is not properly sized, it can impact performance and availability, causing issues with authentication and access management.

  3. Integration issues: Integration issues can arise when integrating Azure Active Directory B2C with other systems and applications. It is important to ensure that Azure Active Directory B2C is designed to work seamlessly with other systems and applications to avoid integration issues.

  4. Security issues: Security is a critical concern when it comes to Azure Active Directory B2C. It is important to ensure that all data is encrypted in transit and at rest, and that access to Azure Active Directory B2C is restricted to authorized personnel.

  5. User experience issues: User experience issues can arise when using Azure Active Directory B2C. It is important to ensure that the user experience is intuitive and easy to use to avoid issues with user adoption.

  6. MFA issues: Multi-factor authentication (MFA) can sometimes cause issues with authentication and access management, particularly if users have difficulty using MFA methods.

Overall, Azure Active Directory B2C requires careful planning and management to ensure that it is functioning correctly and meeting the needs of all stakeholders involved in the project. By being aware of these known issues and taking steps to address them, you can improve the quality of Azure Active Directory B2C and ensure the success of your project.

41276a5d39d164c69eba627f2d32b96c34fc1d7d

[x] Reviewed by Enterprise Architecture

[x] Reviewed by Application Development

[x] Reviewed by Data Architecture