Firebase Authentication with Azure AD B2C

Question

I have a native iOS application developed in xCode/Swift that integrates the Firebase Auth SDK for registering and login of new users. The Firebase Auth system should be linked to an Azure Active Directory B2C so that:

• new users that are created exist in both Firebase Auth and Azure AD B2C (I guess with same credentials?)
• when a user is logged in, he/she is logged-in both in the context of the Firebase Auth and Azure AD B2C so that secure call are possible on both platforms
• when users are deleted either on the Azure AD B2C or firebase Auth they should also be deleted on the other platform. For this I could maybe use the Firebase Functions Triggered on Auth events to sync with Azure AD B2C. For Azure AD B2C back to Firebase Auth I could foresee also a Firebase function that can be called (by Azure AD B2C) do delete a user.

After doing research I found that Firebase supports "custom tokens" (refer to https://firebase.google.com/docs/auth/admin/create-custom-tokens). Could this offer a solution? I do not see anything about creating new users, only authentication...

Answer 1

Me and me team developed a solution for this exact scenario around custom tokens. Our implementation run since a couple of months on Azure and we had no problem at all yet.

Here is the flow:

Notes:

1. Azure B2C can be replace by any STS.
2. The Azure function can be replace by any backend process.

---

Also, the good thing is that you don't have to maintain users in Firebase since you don't create Firebase users and only use a custom token so no need to delete users.