azure active directory b2c - microsoft...the security. i’m a firm believer that no one should...
TRANSCRIPT
Azure Active DirectoryB2C
Daniel Dickinson
Enterprise Mobility Specialist
Are you ready?
Is your identity system ready and secure ?
A consumer identity and access management system needs to be:
Consumer-centric and flexible
• Every customer experience needs to be a positive one
• Customizable consumer interactions
• Choice of social & local accounts
Secure and reliable
• Multiple levels of security controls
• Security reporting
• High availability—SLA
Ready for every business
• Cost-effective
• Scalable
• Global
Faster speed to market
• Standards-based
• Innovative
• Flexible policy framework
Friction-freeconsumer experiences
Secure & reliable
An extensible, standards-based platform
Pay as you grow
Consumer-centric and flexible
Secure and reliable
Ready for every business
Faster speed to market
Total Cost of Ownership (TCO)Software licensing, maintenance, and upgrade costs
24x7 operations and support staff
QoS challengesHigh-availability and disaster recovery infrastructure
Scalability (up to millions of consumers)
Elastic response to demand spikes
Heterogeneous systemsUnified view of the consumer across apps
Security and privacy risksStoring credentials and PII in application DBs
A comprehensive cloud-based consumer directory and IAM service
Superior cloud economics compared to on-premises
For enterprises and ISVs building consumer-facing
mobile, web, and PC apps
Global service that scales to hundreds of millions
of consumers
Highly available, geo-redundant service
Easy-to-integrate consumer self-service capabilities
Enterprise-grade information security and data
breach protection
Smart, scalable pricing with a free tier
(per user + per authentication)
••••••••
Easily import existing customer databases
Scale up to hundreds of millions of users
Provides SSO to various applications
/sites of the same vendor
Users only have visibility into their own
accounts and profiles
Additional security layers (MFA)
Security reports and auditing
SLA 99.9 percent
High availability guaranteed by presence
in 12 regions all over the world
Email or username
Sign in
Password
SIGN IN
OR CONNECT USING:
User-friendly self-service user sign-in
and sign-up experience
Self-service profile management/password reset
“Bring-your-own-identity” using social ID
or create a new, local account set of credentials
Match your identity experience to your
application branding
Email or username
Sign in
Password
OR CONNECT USING:
User-friendly self-service user sign-in
and sign-up experience
Self-service profile management/password reset
“Bring-your-own-identity” using social ID
or create a new, local account set of credentials
Match your identity experience to your
application branding SIGN IN
Email or username
Sign in
Password
OR CONNECT USING:
User-friendly self-service user sign-in
and sign-up experience
Self-service profile management/password reset
“Bring-your-own-identity” using social ID
or create a new, local account set of credentials
Match your identity experience to your
application branding SIGN IN
Email or username
Sign in
Password
OR CONNECT USING:
User-friendly self-service user sign-in
and sign-up experience
Self-service profile management/password reset
“Bring-your-own-identity” using social ID
or create a new, local account set of credentials
Match your identity experience to your
application branding SIGN IN
Email or username
Sign in
Password
OR CONNECT USING:
User-friendly self-service user sign-in
and sign-up experience
Self-service profile management/password reset
“Bring-your-own-identity” using social ID
or create a new, local account set of credentials
Match your identity experience to your
application branding SIGN IN
Integration with existing developertools, libraries, and SDKs supporting OAUTH/Open ID Connect
Support for Web and mobile
(iOS, Android, and Windows Phone)
App level policy configuration
Strong support for open standards
Your organization’s B2C
directory tenant
App1 Application
…
…
…
As needed
As needed
As needed
App2 Application
SignIn-1 policy
SignIn-m policy
ProfileEditing-1 policy
SignUp-n policy
SignUp-2 policy
SignUp-1 policy
ProfileEditing-p policy
Sign up, Sign in, Password reset &
other policies
Social & Local
Accounts
••••••••••
••••••••••
Seamless User
Experience
Multi-Factor Authentication
Protocol support
(OIDC, OAuth2)
Azure AD
Graph API
Demo
AZURE ACTIVE DIRECTORY B2C
Enterprise-grade
information security and
data breach protection
Worldwide footprint and
high availability design
with 99.9 percent SLA
************
Tenants that can scale to
hundreds of millions of
consumer identities
Strong cross-platform
support through open
standards plus flexible
configuration customizable
for each app
Serving its 7 million citizens
Securing policy members & agents
Partnering with a global quick service restaurant (QSR) chain
Engaging with millions of fans
“Azure Active Directory B2C helps us bring the stadium closer to our 450 million fans around the globe with simplified registration and login through social accounts, like Facebook, or traditional username/passwords login.” Rafael De Los Santos, Digital Head
“…helped the Indiana Office of Technology solve a long standing problem with where we put citizen IDs for the different citizen facing applications. With B2C we have the ability for our Indiana residents to create a secure, easy to use and highly available ID that will allow them to safely do business with the State. Our initial deployment of B2C with the Indiana Secretary of State’s Inbiz application has been an overwhelming success allowing Indiana to generate new revenue from day 1 of go-live.” Bryan Long, Cloud Architect
… self-service capabilities enabled with B2C remove the administration resources needed to
provide account support. Our goal was to minimize the amount of technical knowledge our
development team would need … the overall strength of the Azure platform plus extremely
customer-centric pricing model drove our decision. The platform has been rock solid …
David Kessler, IT Manager
“… the customer identity was split between several different systems which made it difficult to extract business insight, develop and execute marketing campaigns … empowered our client to be able to focus on the application with confidence knowing Azure AD B2C handles the security. I’m a firm believer that no one should build their own identity solution. Azure Active Directory B2C gives us a feature-rich, modern solution for providing seamless identity experiences in the cloud.” Oren Novotny, Senior Architect, and a Microsoft MVP