SlideShare a Scribd company logo
Azure AD B2C: Application
security made easy
Sjoukje Zaal
@SjoukjeZaal szaal@outlook.com
#DevSum19
About me
Sjoukje Zaal
Principal Expert Microsoft / Azure MVP
T: @SjoukjeZaal
W: https://www.sjoukjezaal.com
Agenda
What is AzureAD
B2C andWhy
should I use it?
01
Key Benefits and
Capabilities
• Demo
02
Flows & Policies
• Demo
03
Identity
Providers
• Demo
04
Customize the UI
• Demo
05
What is Azure
Active
Directory
B2C?
Azure AD B2C is an identity
management service that
enables you to customize and
control how customers interact
with your application.
Why use
AzureActive
Directory
B2C?
Highly
available
World
wide
scaling
Secure Reliable
Key Benefits
• Minimal application code
• Easy to maintain
• Enterprise-grade security features
Simple &
Secure
• Multiple Identity Providers
• .NET, iOS, and Android
• Open standards
Flexible
Capabilities
Default
Authentication
Providers
Social Media
Identity
Providers
Custom
Identity
Providers
Single Sign On
Multi-factor
authentication
Enables &
customize sign
up/sign in
Edit profiles
DEMO 1: REGISTERING
THE APPLICATION
Sample application
Web App
MVC App for registering to-do items
Calls Web API
RequestsAccess tokens fromWeb API
Tasks Web API
Performs CRUD operations
Scoped based access control
Application
Code
Open Standards
• Open ID Connect
• OAuth 2.0
MSAL
Demo Summary
7 Added values to web.config files
6 Copied the application Id’s from both apps
5 Generated and copied the client secret
4 Granted the read and write permissions to the demo web app (client)
3 Registered the demo web app
2 Published a read and write permission for theAPI
1 Registered theTasks demoWeb API
Flows &
Policies
Is triggered by
application
Predefined
Reusable
Custom
Attributes
User
flows
Configuration
files
XML
Identity
Experience
Framework
Standards-
based OAuth
2.0, OIDC,
SAML
Custom
Policies
When to use
user flows
Sign-up or sign-
in with local or
social accounts
Self-service
password reset
Profile edit
Multi-Factor
Authentication
When to use
custom
policies
Send a welcome
email using your
own email
service provider
Provision a user
account in
another system
at the time of
registration
Use a user store
outsideAzure
AD B2C
Validate user
provided
information
with a trusted
system by using
an API
DEMO 2: CREATING A
USER FLOW
Demo Summary
5 Run the application
4 Made changes to the web.config
3 Selected the included fields and returned claims
2 Selected the Identity Provider to enable the flow
1 Created a new user flow
Identity
Providers
Authentication
Service Security tokens
Out-of-the-box
providers
Client Id &
Secret
DEMO 3: CONFIGURING
AN IDENTITY PROVIDER
Demo Summary
4 Tested the user flow from the Azure B2C tenant
3 Enabled the Identity Provider in the user flow
2 Added the client id and client secret to the identity provider
1 Registered a new Identity Provider in Azure B2C
Page UI
customization
feature
Customize
look and
feel
Visual
Consistency
CORS
Merges UI
with HTML
DEMO 4: CUSTOMIZETHE
UI
Demo Summary
6 Tested the user flow
5 Updated the user flow
4 Uploaded the HTML/CSS files to the Blob container
3 Created a custom HTML/CSS file
2 Enabled CORS
1 Created a storage account and blob container
Multi-factor
authentication
User flow
level
No code
required
DEMO 5: ENABLING MFA
Demo Summary
3 Tested the application
2 Enabled Multifactor Authentication (MFA)
1 Openend the user flow settings
Wrap up
It’s not Azure B2B
App can be hosted everywhere
Migrate with Azure AD Graph API
Reporting and Monitoring
Language customization
QUESTIONS?
And….
Last but not least
– don’t forget to evaluate this
session in the DevSum app!
#DevSum19

More Related Content

What's hot

Azure Active Directory - An Introduction
Azure Active Directory  - An IntroductionAzure Active Directory  - An Introduction
Azure Active Directory - An Introduction
Venkatesh Narayanan
 
Azure Monitoring Overview
Azure Monitoring OverviewAzure Monitoring Overview
Azure Monitoring Overview
gjuljo
 
Azure 101
Azure 101Azure 101
Azure 101
Korry Lavoie
 
Aws Autoscaling
Aws AutoscalingAws Autoscaling
Aws Autoscaling
Kimberly Macias
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
Anoop Nair
 
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Edureka!
 
Azure governance
Azure governanceAzure governance
Azure governance
girish goudar
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
Karl Ots
 
Azure kubernetes service (aks)
Azure kubernetes service (aks)Azure kubernetes service (aks)
Azure kubernetes service (aks)
Akash Agrawal
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security Hub
Crishantha Nanayakkara
 
Rover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker ContainerRover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker Container
Sujay Pillai
 
Stephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environmentsStephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environments
MSDEVMTL
 
Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)
Pedro Sousa
 
Azure Identity and access management
Azure   Identity and access managementAzure   Identity and access management
Azure Identity and access management
Dinusha Kumarasiri
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual network
Lalit Rawat
 
External collaboration with Azure B2B
External collaboration with Azure B2BExternal collaboration with Azure B2B
External collaboration with Azure B2B
Sjoukje Zaal
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control Tower
CloudHesive
 
Azure governance v4.0
Azure governance v4.0Azure governance v4.0
Azure governance v4.0
Marcos Oikawa
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and Management
Allen Brokken
 

What's hot (20)

Azure Active Directory - An Introduction
Azure Active Directory  - An IntroductionAzure Active Directory  - An Introduction
Azure Active Directory - An Introduction
 
Azure Monitoring Overview
Azure Monitoring OverviewAzure Monitoring Overview
Azure Monitoring Overview
 
Azure 101
Azure 101Azure 101
Azure 101
 
Aws Autoscaling
Aws AutoscalingAws Autoscaling
Aws Autoscaling
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
Azure Active Directory | Microsoft Azure Tutorial for Beginners | Azure 70-53...
 
Azure governance
Azure governanceAzure governance
Azure governance
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
 
Azure kubernetes service (aks)
Azure kubernetes service (aks)Azure kubernetes service (aks)
Azure kubernetes service (aks)
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security Hub
 
Rover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker ContainerRover: Implementing Landing Zone Using Docker Container
Rover: Implementing Landing Zone Using Docker Container
 
Stephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environmentsStephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environments
 
Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)
 
Azure Identity and access management
Azure   Identity and access managementAzure   Identity and access management
Azure Identity and access management
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual network
 
External collaboration with Azure B2B
External collaboration with Azure B2BExternal collaboration with Azure B2B
External collaboration with Azure B2B
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control Tower
 
Azure governance v4.0
Azure governance v4.0Azure governance v4.0
Azure governance v4.0
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and Management
 

Similar to DevSum: Azure AD B2C Application security made easy

Intelligent Cloud Conference: Azure AD B2C Application security made easy
Intelligent Cloud Conference: Azure AD B2C Application security made easyIntelligent Cloud Conference: Azure AD B2C Application security made easy
Intelligent Cloud Conference: Azure AD B2C Application security made easy
Sjoukje Zaal
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018
Jeremy Gray
 
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy Walkthrough
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy WalkthroughAzure AD B2C Webinar Series: Custom Policies Part 2 Policy Walkthrough
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy Walkthrough
Vinu Gunasekaran
 
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
Girish Kalamati
 
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
Nuno Árias Silva
 
External collaboration with Azure B2B
External collaboration with Azure B2B External collaboration with Azure B2B
External collaboration with Azure B2B
Sjoukje Zaal
 
CSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
CSF18 - External Collaboration with Azure B2B - Sjoukje ZaalCSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
CSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
NCCOMMS
 
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje ZaalO365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
NCCOMMS
 
Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1
Vinu Gunasekaran
 
Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!
Ravikumar Sathyamurthy
 
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
atwork
 
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB201904_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
Kumton Suttiraksiri
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2B
Sjoukje Zaal
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a service
BizTalk360
 
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
Nuno Árias Silva
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday:  External Collaboration With Azure AD B2BAzure Saturday:  External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2B
Sjoukje Zaal
 
Passwordless Development using Azure Identity
Passwordless Development using Azure IdentityPasswordless Development using Azure Identity
Passwordless Development using Azure Identity
Sarah Dutkiewicz
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittal
Manoj Mittal
 
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
Scott Hoag
 
Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020
Microsoft 365 Developer
 

Similar to DevSum: Azure AD B2C Application security made easy (20)

Intelligent Cloud Conference: Azure AD B2C Application security made easy
Intelligent Cloud Conference: Azure AD B2C Application security made easyIntelligent Cloud Conference: Azure AD B2C Application security made easy
Intelligent Cloud Conference: Azure AD B2C Application security made easy
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018
 
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy Walkthrough
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy WalkthroughAzure AD B2C Webinar Series: Custom Policies Part 2 Policy Walkthrough
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy Walkthrough
 
Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
 
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
 
External collaboration with Azure B2B
External collaboration with Azure B2B External collaboration with Azure B2B
External collaboration with Azure B2B
 
CSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
CSF18 - External Collaboration with Azure B2B - Sjoukje ZaalCSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
CSF18 - External Collaboration with Azure B2B - Sjoukje Zaal
 
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje ZaalO365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
O365Con18 - External Collaboration with Azure B2B - Sjoukje Zaal
 
Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1Azure AD B2C Webinar Series: Custom Policies Part 1
Azure AD B2C Webinar Series: Custom Policies Part 1
 
Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!
 
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
 
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB201904_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2B
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a service
 
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday:  External Collaboration With Azure AD B2BAzure Saturday:  External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2B
 
Passwordless Development using Azure Identity
Passwordless Development using Azure IdentityPasswordless Development using Azure Identity
Passwordless Development using Azure Identity
 
Microsoft identity manoj mittal
Microsoft identity manoj mittalMicrosoft identity manoj mittal
Microsoft identity manoj mittal
 
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
 
Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020
 

Recently uploaded

存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
hackersuli
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
bseovas
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
Donato Onofri
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
rtunex8r
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
k4ncd0z
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
3a0sd7z3
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
saathvikreddy2003
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
uehowe
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
3a0sd7z3
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 

Recently uploaded (19)

存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024[HUN][hackersuli] Red Teaming alapok 2024
[HUN][hackersuli] Red Teaming alapok 2024
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
不能毕业如何获得(USYD毕业证)悉尼大学毕业证成绩单一比一原版制作
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
 
Design Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptxDesign Thinking NETFLIX using all techniques.pptx
Design Thinking NETFLIX using all techniques.pptx
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 

DevSum: Azure AD B2C Application security made easy

Editor's Notes

  1. This interaction includes the sign up, sign in process, and managing the user profiles from customers that use your custom applications.
  2. Use the underlying cloud infrastructure which is designed for high availability which is used by all the other Azure resources as well It offers world wide scaling, Azure B2C scales across all the Azure regions, so the response is fast out of the box. Capable of supporting millions of users and billions of authentications per day.
  3. Easy to maintain: All changes are made inside the Azure portal. It supports multiple types of application, such as iOS, Android, .NET application, for instance, and other types of applications. Azure AD B2C protects your customer identities. Open standards OAuth 2.0
  4. I’ve skipped the step of creating an Azure AD B2C tenant, because this is a very straightforward process. AppID URI Set the AppID URI to demoapi. This AppID URI is a unique identifier representing this particular ASP.NET Web API. The AppID URI is used to construct the scopes that are configured in your ASP.NET Web Application. For example, in this ASP.NET Web API sample, the scope will have the value  https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-register-applications https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi#Using-your-own-Azure-AD-B2C-Tenant
  5. https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi#Using-your-own-Azure-AD-B2C-Tenant Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell a browser to let a application running at one domain have permission to access selected resources from a app at a different domain. Define Scopes for CORS Scopes are used by the web API to implement scope-based access control. Users of the web api need to have read an write permissions in Azure B2C. The published scopes are used to grant the client application permissions to the web app. To call a protected web API from the client application, you need to grant your application permissions to the API. https://www.w3.org/TR/cors/  hoe uitleggen??? uitzoeken
  6. MSAL: Microsoft Authentication Libraries
  7. Uitzoeken waarom Published scopes: https://www.w3.org/TR/cors/
  8. Add the Web Application
  9. Add the Web Application
  10. Add the Web Application
  11. Add the Web Application
  12. Add the Web Application
  13. Add the Web Application
  14. Add the Web Application
  15. Add the Web Application
  16. Add the Web Application
  17. Add the Web Application
  18. User Flows To enable users to sign up, sign in, or manage their profile, you need to create multiple types of user flows inside the Azure B2C tenant. Because you register this inside the tenant, you can reuse these flows in different types of applications. Policies Custom policies are configuration files that define the behavior of your Azure Active Directory (Azure AD) B2C tenant. User flows are predefined in the Azure AD B2C portal for most common identity tasks. Custom policies can be fully edited by an identity developer to complete many different tasks. Identity Experience Framework: Custom policies use the Identity Experience Framework, which is basically a contract that is used that reduces the complexity of identity federation. The complexity is reduced to a single trust relationship and a single metadata exchange. https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-trustframeworks-defined-ief-custom Standards: OAuth 2.0 which is an authorization framework, OIDC which stands for OpenID Connect, which is an authentication layer on top of OAuth 2.0, and SAML (Security Assertion Markup Language) which is It’s an open standard that provides both authentication and authorization. (https://spin.atomicobject.com/2016/05/30/openid-oauth-saml/)
  19. https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-custom-attr https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-policies
  20. Policies Policies fully describe identity experiences such as sign-up, sign-in, or profile editing. So for instance, you have a scenario where during the registration process, you want to user account to be added to your CRM system as well. For this, you need to create a custom policy, because this is not part of the standard predefined user flows.
  21. Is a predefined user flow that is going to be configured for this type of application
  22. Is a predefined user flow that is going to be configured for this type of application
  23. An identity provider is a service that authenticates customer identities and issues security tokens. In Azure AD B2C, you configure a number of identity providers in your tenant, such as a Microsoft account, Facebook, or Amazon among others. To configure an identity provider in your Azure AD B2C tenant, you must record the application identifier or client identifier and the password or client secret from the identity provider application that you create. This identifier and password are then used to configure your application.
  24. Most of the HTML and CSS content that's presented to customers is controllable. By using the page UI customization feature, you customize the look and feel of any policy. You maintain brand and visual consistency between your application and Azure AD B2C by using this customization feature. Azure AD B2C runs code in the customer's browser and uses a modern approach called Cross-Origin Resource Sharing (CORS). Azure AD B2C code in a browser uses a modern and standard approach to load custom content from a URL that you specify in a user flow. Cross-origin resource sharing (CORS) allows restricted resources on a web page to be requested from other domains. First, you specify a URL in a policy with customized HTML content. Azure AD B2C merges UI elements with the HTML content that's loaded from your URL and then displays the page to the customer. You send parameters to Azure AD B2C in a query string. By passing the parameter to your HTML endpoint, the page content is dynamically changed. For example, you change the background image on the Azure AD B2C sign-up or sign-in page based on a parameter that you pass from your web or mobile application.
  25. https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-language-customization