Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Azure Active Directory B2C deployment via resource manager (or code)

Tags:

azure

azure-active-directory

adal

azure-resource-manager

Our company is considering using AAD B2C as the backing store for our SaaS user accounts. Our plan is use Resource Manager templates to deploy the Azure infrastructure (web, storage, sql, etc) for each client. AAD B2C will be part of that if this works out, but as of now there doesn't appear to be a way to include AAD B2C in resource manager templates.

My view of the intent of the B2C product is that it serves as a replacement for the auth and user store components of an app, and should therefore be considered infrastructure. Right now the hierarchy between AAD and resource groups in the new azure portal doesn't reflect that - resource groups (and their resources) appear 'under' an identity in an AAD account. But why is that? Is an AAD a parent to a resource group? I'm trying to understand how the two fit together.

If AAD B2C is really intended to serve this purpose when it leaves preview, it will need to support automation. After a quick search I can't even find code samples to provision a new directory, let alone do so using Resource Manager templates.

Am I looking at this all wrong?

like image 637
Josh Avatar asked Oct 27 '15 23:10

Josh

1 Answers

Currently there is no way to automate the creation of an AAD B2C tenant like there is also no way to automate the creation of an AAD tenant.

After you created a tenant you can access it programmatically via the Graph API. You can read more about this in the documentation: https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-devquickstarts-graph-dotnet/.

The first paragraph of this documentation mentions the following:

Azure Active Directory (Azure AD) B2C tenants tend to be very large. This means that many common tenant management tasks need to be performed programmatically. A primary example is user management. You might need to migrate an existing user store to a B2C tenant. You may want to host user registration on your own page and create user accounts in Azure AD behind the scenes. These types of tasks require the ability to create, read, update, and delete user accounts. You can do these tasks by using the Azure AD Graph API.

Caution: at the point of writing this is still in preview so the API can change any time and you have no SLA.

For the latest status about which Azure services support ARM you can read this page: https://azure.microsoft.com/en-us/documentation/articles/resource-manager-supported-services/

like image 163
Wessel Kranenborg Avatar answered Oct 17 '22 09:10

Wessel Kranenborg
Sign in to Comment

Related questions

Azure-hosted ASP.NET MVC site drops client cache-related HTTP headers
Moving a DocumentDB Collection to Azure Data Lake Storage
Azure CDN + Asp.net MVC Cloud Service compression for bundles not working
How does azure websites with EF migrations ensure integrity when updating
Open excel/word document from ASP.NET in Office Web Apps to edit?
Azure Web App: HTTP Error 500 on favicon.ico
Azure Socket Leaks?
Using Adal for accessing the Azure KeyVault on behalf of a user
How to use nested TransactionScopes against an Azure SQL Database
ASP.Net when trying to read xml file, "An operation was attempted on a nonexistent network connection"
pymssql and Adaptive Server connection failed
Access Token missing or malformed when calling Graph API
Refresh token not returned for Office365 accounts purchased through GoDaddy
Pods stuck in pending state
Azure Function creating too many connections to PostgreSQL
Azure SDK 2.5.1 for vs2013 update notification always exists
How to reduce SQL Server transaction log usage
Azure Functions 2 - How to control json serialization settings
Data Truncation issue while importing excel from Azure Blob storage to Sql Server

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!