Azure Active Directory (AD) B2C is really useful for developers that want to build applications and mobile services that can use identity services like Facebook, Google and in the near future a Microsoft Account. The AD B2B is useful for partners that they need to authenticate to each other, so the name Business 2 Business (B2B).
These new services expand what actually Azure AD does for years now: Identity management. But now we talk about not only internal identities, it’s about external identities. Available as a service, the first 50.000 identities are free, and after that developers pay “a fraction of a cent per authentication and per stored identity,” according to a new Microsoft blog post about the new services.
It’s important to think that Azure AD is open standards based, so you can use it to manage identities for your Windows, but also iOS, Android and web based applications.
Azure AD B2B Collaboration is a new set of capabilities in Azure AD that enable secure collaborate between business-to-business partners. Organizations can now create advanced trust relationships between them so they can easily share applications, without having to worry about partner identities.
As Microsoft says, with 6 million partners using Azure AD, there is a great chance that your partner is already using Azure AD, so you can start using B2B and collaborate immediately. The current B2C preview is free, but preview tenants are limited at 500,000 users.
Let’s take a look at B2C
I’ve spent some time during the previous days, so it’s now a good idea to take a look at B2C. So let’s go and create a new tenant that will use B2C. Currently B2C features can’t be turned on in your existing directories, if you have any:
Choose the name, domain name and country or region for your tenant. Check the option that says “This is a B2C directory“:
Wait for the new tenant to be created. You are also the Global Admin of this tenant and keep in mind that the operation may take several minutes. When it’s finished, you can check the settings of the new tenant:
The configuration of this new tenant appears in the new Azure Portal as a blade, when you click on “Configure” and then “Manage B2C Settings”:
It’s a good idea to pin this blade to your Azure Startboard for easy access:
From this screen, you can create new Applications, Identity providers, User attributes, Sign-up and Sign-in policies. The important part to notice here is about the Identity providers: when you click on Identity providers, you have the option to select Facebook, Google, Amazon, LinkedIn:
If you want to check a simple B2C configuration, you can check the excellent article by Stuart Kwan (Twitter: @stuartkwan) here: http://blogs.technet.com/b/ad/archive/2015/09/16/azure-ad-b2c-and-b2b-are-now-in-public-preview.aspx
We’ll come back about the new B2B feature in a future blog post.