1) Azure Active Directory (Azure AD) B2C and Azure AD B2B Collaboration provide solutions for organizations to securely connect with customers and partners.
2) Azure AD B2C enables authentication of individual customers with their preferred identity provider and collection of customer data. Azure AD B2B allows collaboration between organizations without needing to manage partner identities.
3) Updates include improved policy customization in Azure AD B2C, increased number of monthly active users, and new capabilities like invitation APIs and auditing in Azure AD B2B.
Working with external identities: Learn how to enable partners, suppliers and customers to access your applications
3. What motivates us
Customer problem: Every organization, no matter how big or small, no matter the industry vertical, no matter their compliance and security posture, needs to work with other organizations and connect with their customers to succeed in their business. Today this is done in expensive, time-consuming and often insecure ways.
Our goal: Enable organizations with Azure AD to work with any other organization, and to connect with customers and citizens, easily and securely.
9. Azure AD B2C
[Diagram labels: Apps; Analytics; CRM and Marketing Automation; Business; Social IDs; Business & Government IDs; contoso; Customers]
• Securely authenticate customers with their preferred identity provider
• Provide branded registration and login experiences
• Capture login, preference, and conversion data for customers
13. Work with any organization or select specific organizations.
DEMO
+ SAML
+ OIDC
14. Signup
[Flow diagram labels: App #1 (WoodGrove Fresh Market app); WoodGrove AAD B2C Tenancy; Signup; Sign In]
SignUp attributes collected from User:
• Email?
• Date Of Birth?
• Country?
• Accept Terms of Use.
Decision on Date of Birth: Minor? (Yes / No). Outcomes shown: Block; Welcome!
Essentials for GDPR Scenarios!
15. Sign In
[Flow diagram labels: App #1 (WoodGrove Fresh Market app); WoodGrove AAD B2C Tenancy; Progressive Signin]
SignIn attributes collected from User:
• Have Phone #? (Yes / No): Phone? (optional)
• ToU Up to Date? (Latest Version? Latest Date?): Accept NEW ToU
Outcome shown: Welcome Back!
Essentials for GDPR Scenarios!
17. Connect with your partners using Azure AD B2B Collaboration
Azure AD B2B Collaboration enables an organization
with Azure AD to work with any other organization on
the planet, easily and securely – without having to create
and manage new identities for their partners – enabling
secure “Bring Your Own Identity” experiences for your
supply chain partners and external collaborators.
24. [Architecture diagram labels]
• Tenancies: WoodGrove Corp AAD Tenancy; WoodGrove AAD B2C Tenancy; WoodGrove Organization Tenant Management
• Apps: App #1 (WoodGrove Fresh Market app); App #2 WoodGrove (Market Admin/Dashboard app); Inventory
• Organizations: Joes Fresh Produce (Food Distributor); Contoso (Supplier/Farmer to Woodgrove); LitwareF128; Other Identity Provider
• User groups: Individual Customers; Organizational Customers; Partner Organizations; SMB/Individual Partners
• Connections: Using consumer ID; Sign In; Azure AD B2B Collab; Direct Federation; AAD; Non-AAD
• Protocols: OIDC, SAML, Ws-Fed
26. Access tokens support now GA
+ Programmatic (API) (MS GRAPH)
App Registration - soon
Policy CRUD
CRUD of Social accounts
+ Richer Audit data
+ Integration with Application Insights to analyze user behavior
+ Now over 110 guides, tutorials and reference docs. NEW COURSE RELEASED!
36. • Better connections with your business customers (SAML, OIDC, AAD Common Endpoint)
• Native app authentication option using Resource Owner Creds (ROPC)
• More customization and control using JavaScript
• Custom password complexity
• Tools for GDPR scenarios:
  • Terms of Use and Consent to Share
  • Minor age-gating
  • Data Delete and Data Export
• Cloud Service Provider (CSP) support
• Programmatic APIs for apps/policies
• Improved Policy UI
41. B2B users in Azure AD
Organizations using Azure AD B2B collaboration
42. admins to invite B2B users
https://portal.azure.com
capabilities for Information Workers
https://myapps.microsoft.com
any email address on the planet
4. MFA for B2B users
5. PowerShell support
6. Auditing and reporting
Invitation APIs
1:5 ratio
44. Azure Active Directory Application Proxy for B2B
Single Sign-on to on-premises applications
[Diagram labels: User; https://sales.contoso.com/; Microsoft Azure Active Directory; Application Proxy; DMZ; connectors; Azure or 3rd Party IaaS; https://sales.contoso.com, https://expense, https://travel, https://hrweb]
45. Microsoft Confidential
B2B for on-premises Apps
• MIM to create B2B identities OnPrem
• Differential Query Script: For those who don’t use MIM
47. 01: Who has/should have access to what resources?
02: What are they doing with that access?
03: Are there effective organizational controls for managing access?
04: Can auditors verify that the controls are working?
Manage risk and compliance through governed and audited access to resources,
48. Configure, enforce, audit compliance
• Create a Terms of Use
• Enforce at Sign-In
• Review audit reports
• Users consent
49. Recertify: attest and audit continued access
• Create an access review
• Reviewers give feedback
• Review audit reports
• Results applied
50. Enforce on-demand, just-in-time access
Optionally leverage per-role approval workflows
Attest admin role membership with access reviews
Visibility through alerts and audit reports
Discover, restrict, and monitor privileged identities
[Diagram labels: Ordinary user; Global administrator; Ordinary user; Role privileges expire after a specified interval]