Introduction
Azure AD B2C stands for azure active directory Business to consumer. AZURE AD B2C has its own login portal management which can be customized to a certain extent to change the look and feel as required customers.
Azure AD B2C Feature
You have a web app / mobile app and you need a simple way to let users login to your application without registration and also manage their own accounts. You don’t want to worry about security, scalability and ease of use.
Some of the major advantages of using Azure AD B2C below.
-
Supports to integrate with Local Accounts and social accounts such as Facebook, LinkedIn, Google, Microsoft, Amazon required additional work
-
Azure AD B2C also handles multi-factor authentication and password self-service reset by applying some basic configurations.
-
The authentication system provided by Azure AD B2C is very secure for protecting user identity and credentials. Azure AD B2C provides identity as a service for your apps by supporting two industry standard protocols: OpenID Connect and OAuth 2.0.
-
Azure AD B2C components follow high level features like Self-registration, Sign-in, Profile Editing, Self-service Password Reset, Multi Factor Authentication, Single Sign on and Custom Attribute.
-
You can create up to 20 tenants per subscription. This limit helps protect against threats to your resources, such as denial-of-service attacks, and is enforced in both the Azure portal and the underlying tenant creation API
Azure AD B2C Pricing Details
Azure AD Identities
pricing is based on Monthly Active Users (MAU), Microsoft reduces costs and forecast with confidence. Your first 50,000 MAUs per month are free for both Premium P1 and Premium P2 features after free, pay only for what you use. A flat fee of ₹2.162 is billed for each SMS/Phone-based multi-factor authentication attempt.
| PREMIUM P1
|
PREMIUM P2
|
First 50,000 MAU
|
₹0/Monthly Active Users
|
₹0/Monthly Active Users
|
More than 50,000 MAU
|
₹0.234148/Monthly Active Users
|
₹1.170736/Monthly Active Users
|
Separate Charges
|
A flat fee of ₹2.162 is billed for each SMS/Phone-based multi-factor authentication attempt.
|
Setup Azure AD B2C
-
Sign in to the Azure
portal. Or - Sign in with an Azure account that's been assigned at least the Contributor role within the subscription or a resource group within the subscription.
-
You can click on the Directory and subscription filter in the top menu and choose the directory in your subscription. This is a different directory than the one that will contain your Azure AD B2C tenant.
Create new AD B2C
Select a create a new resource in the top-left corner of the Azure portal home screen or Search for and select Active Directory B2C.
Select Azure AD B2C enable users to access application published by your organization and share admin experience
Directory Configuration
You need to provide directory confirmation details as per below
-
Organization Name – Enter the organization name
-
Initial Domain Name - By default, a basic domain name at 'onmicrosoft.com' is included with your directory. Later, you can add a domain name that your organization already uses, such as ‘msdevbuild.com’.
-
Country / Region - You cannot change the geo or region after you create your directory.
Make sure you select the correct geo or region because your choice determines the datacenter for your directory. Microsoft does not control the location from which you or your end users may access or move directory data through the use of apps or services.
-
Subscription - Choose the subscription to use for Azure Active Directory (B2C). It’s free for 50,000 monthly active users (MAUs).
Click on Review +Create buttons, wait for few second, if you are getting any namespace Azure directory issue follow the below steps otherwise skip
Troubleshoot Microsoft.AzureActiveDirectory issue
Each functionality in azure there is a resource provider like Microsoft.AzureAciveDirectory. By default, your Azure Subscription is not registered with all resource providers and because your Subscription is not registered with Microsoft. AzureAciveDirectory resource provider, so you're getting below error notification message
Step 1
Navigate Azure Portal
Step 2
Click on All Services or Home Screen
Step 3
Select your Subscription, From the list of subscriptions, select the subscription you want to use for registering the resource provider.
Step 4
Select Resource Provider Section
Step 5
Look at the list of resource providers and Search related resource
Step 6
select the Register Microsoft. AzureAciveDirectory to register
Step 7
Wait few second, you will get Green mark for registration success
Azure AD Tenant Creation Success
If you do not receive any error message after a click on create button you will get a confirmation message otherwise if you are getting any issue related to the resource provider, you can follow the above steps.
Summary
You have now successfully created a new Azure AD B2C Tenant. You can navigate to the directory home screen. You will notice that you are the only user registered. In my next article will share steps about users create an account and creating applications for sign-up user flow.
In this article, you learned about creating a new Active Directory B2C tenant in Microsoft AZURE. If you have any questions/ feedback/ issues, please write in the comment box.