azure active directory b2c - microsoft...the security. i’m a firm believer that no one should...

Azure Active DirectoryB2C

Daniel Dickinson

Enterprise Mobility Specialist

Are you ready?

Is your identity system ready and secure ?

A consumer identity and access management system needs to be:

Consumer-centric and flexible

• Every customer experience needs to be a positive one

• Customizable consumer interactions

• Choice of social & local accounts

Secure and reliable

• Multiple levels of security controls

• Security reporting

• High availability—SLA

Ready for every business

• Cost-effective

• Scalable

• Global

Faster speed to market

• Standards-based

• Innovative

• Flexible policy framework

Friction-freeconsumer experiences

Secure & reliable

An extensible, standards-based platform

Pay as you grow

Consumer-centric and flexible

Secure and reliable

Ready for every business

Faster speed to market

Total Cost of Ownership (TCO)Software licensing, maintenance, and upgrade costs

24x7 operations and support staff

QoS challengesHigh-availability and disaster recovery infrastructure

Scalability (up to millions of consumers)

Elastic response to demand spikes

Heterogeneous systemsUnified view of the consumer across apps

Security and privacy risksStoring credentials and PII in application DBs

A comprehensive cloud-based consumer directory and IAM service

Superior cloud economics compared to on-premises

For enterprises and ISVs building consumer-facing

mobile, web, and PC apps

Global service that scales to hundreds of millions

of consumers

Highly available, geo-redundant service

Easy-to-integrate consumer self-service capabilities

Enterprise-grade information security and data

breach protection

Smart, scalable pricing with a free tier

(per user + per authentication)

••••••••

Easily import existing customer databases

Scale up to hundreds of millions of users

Provides SSO to various applications

/sites of the same vendor

Users only have visibility into their own

accounts and profiles

Additional security layers (MFA)

Security reports and auditing

SLA 99.9 percent

High availability guaranteed by presence

in 12 regions all over the world

Email or username

Sign in

Password

SIGN IN

OR CONNECT USING:

User-friendly self-service user sign-in

and sign-up experience

Self-service profile management/password reset

“Bring-your-own-identity” using social ID

or create a new, local account set of credentials

Match your identity experience to your

application branding

Email or username

Sign in

Password

OR CONNECT USING:

User-friendly self-service user sign-in

and sign-up experience

Self-service profile management/password reset

“Bring-your-own-identity” using social ID

or create a new, local account set of credentials

Match your identity experience to your

application branding SIGN IN

Integration with existing developertools, libraries, and SDKs supporting OAUTH/Open ID Connect

Support for Web and mobile

(iOS, Android, and Windows Phone)

App level policy configuration

Strong support for open standards

Your organization’s B2C

directory tenant

App1 Application

…

…

…

As needed

As needed

As needed

App2 Application

SignIn-1 policy

SignIn-m policy

ProfileEditing-1 policy

SignUp-n policy

SignUp-2 policy

SignUp-1 policy

ProfileEditing-p policy

Sign up, Sign in, Password reset &

other policies

Social & Local

Accounts

••••••••••

••••••••••

Seamless User

Experience

Multi-Factor Authentication

Protocol support

(OIDC, OAuth2)

Azure AD

Graph API

Demo

AZURE ACTIVE DIRECTORY B2C

Enterprise-grade

information security and

data breach protection

Worldwide footprint and

high availability design

with 99.9 percent SLA

************

Tenants that can scale to

hundreds of millions of

consumer identities

Strong cross-platform

support through open

standards plus flexible

configuration customizable

for each app

Serving its 7 million citizens

Securing policy members & agents

Partnering with a global quick service restaurant (QSR) chain

Engaging with millions of fans

“Azure Active Directory B2C helps us bring the stadium closer to our 450 million fans around the globe with simplified registration and login through social accounts, like Facebook, or traditional username/passwords login.” Rafael De Los Santos, Digital Head

“…helped the Indiana Office of Technology solve a long standing problem with where we put citizen IDs for the different citizen facing applications. With B2C we have the ability for our Indiana residents to create a secure, easy to use and highly available ID that will allow them to safely do business with the State. Our initial deployment of B2C with the Indiana Secretary of State’s Inbiz application has been an overwhelming success allowing Indiana to generate new revenue from day 1 of go-live.” Bryan Long, Cloud Architect

… self-service capabilities enabled with B2C remove the administration resources needed to

provide account support. Our goal was to minimize the amount of technical knowledge our

development team would need … the overall strength of the Azure platform plus extremely

customer-centric pricing model drove our decision. The platform has been rock solid …

David Kessler, IT Manager

“… the customer identity was split between several different systems which made it difficult to extract business insight, develop and execute marketing campaigns … empowered our client to be able to focus on the application with confidence knowing Azure AD B2C handles the security. I’m a firm believer that no one should build their own identity solution. Azure Active Directory B2C gives us a feature-rich, modern solution for providing seamless identity experiences in the cloud.” Oren Novotny, Senior Architect, and a Microsoft MVP

[email protected]

azure active directory b2c - microsoft...the security. i’m a firm believer that no one should...

Documents