1 min read
Azure AD B2C: Customer Identity Management
I wrote “Azure AD B2C: Customer Identity Management” to share practical, production-minded guidance on this topic.
Key Features
- Social identity providers (Google, Facebook, Apple)
- Local accounts (email + password)
- Custom policies for complex flows
- Self-service password reset
- MFA support
- Custom UI branding
Setting Up
- Create Azure AD B2C tenant
- Register your application
- Create user flows or custom policies
- Integrate with your app
User Flows
Built-in flows for common scenarios:
- Sign up and sign in
- Password reset
- Profile editing
Custom Policy Example
<TrustFrameworkPolicy>
<UserJourneys>
<UserJourney Id="SignUpOrSignIn">
<OrchestrationSteps>
<OrchestrationStep Order="1" Type="CombinedSignInAndSignUp">
<ClaimsProviderSelections>
<ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange"/>
<ClaimsProviderSelection TargetClaimsExchangeId="GoogleExchange"/>
</ClaimsProviderSelections>
</OrchestrationStep>
</OrchestrationSteps>
</UserJourney>
</UserJourneys>
</TrustFrameworkPolicy>
React Integration
import { PublicClientApplication } from "@azure/msal-browser";
const msalConfig = {
auth: {
clientId: "your-client-id",
authority: "https://yourtenant.b2clogin.com/yourtenant.onmicrosoft.com/B2C_1_signupsignin",
knownAuthorities: ["yourtenant.b2clogin.com"]
}
};
const pca = new PublicClientApplication(msalConfig);
// Login
pca.loginPopup({ scopes: ["openid", "profile"] });
// Get token
const token = await pca.acquireTokenSilent({ scopes: ["api://your-api/access"] });
Pricing
- First 50,000 MAU (Monthly Active Users) free
- $0.00325 per additional MAU
- MFA: $0.03 per authentication
B2C handles the complexity of customer identity so you can focus on your application.\n\n## Takeaways\n\nAdd a concise, personal takeaway and recommended next steps here.\n