Building micro services through Event Driven Architecture part16 : Azure Active Directory B2C

Building microservices through Event Driven Architecture part16 : Azure Active Directory B2C

This tutorial is the 16th part of a series : Building microservices through Event Driven Architecture.

The previous step is about  Building micro services through Event Driven Architecture part15 : SPA Front End.

In this tutorial, I will show how to use an Identity provider to secure microservies by enabling Oauth2 and OpenId Connect using  Azure AD B2C.

Azure Active Directory B2C provides business-to-customer identity as a service. Your customers use their preferred social, enterprise, or local account identities to get single sign-on access to your applications and APIs.

Learn more about Azure AD B2C  in What is Azure Active Directory B2C?

Azure Active Directory B2C 

To setup Azure AD B2C as an identity provider , I need to create a B2C tenant wich is different from a Azure AD tenant 

Azure AD B2C is a separate service from Azure Active Directory (Azure AD). It is built on the same technology as Azure AD but for a different purpose – to allow businesses build customer facing application and then allow anyone to sign up into those applications with no restrictions on user account.

Learn more about Azure AD  in What is Azure Active Directory?

So to create a B2C tenant go to portal.azure.com and search for
Azure Active Directory B2C  and click on create button

click on Create a new Azure AD B2C Tenant.

Complete the form respecting the naming convention and click on Review + Create

User flows

In Azure AD B2C, you can define the business logic that users follow to gain access to your application. For example, you can determine the sequence of steps users follow when they sign in, sign up, edit a profile, or reset a password. After completing the sequence, the user acquires a token and gains access to your application.

User flows and custom policies overview

To create user flows, go to your azure AD B2C  Tenant  and click on User Flows as shown in the following picture, and then click on New user flow.

Here I’m going to create  Sign In Up , Password Reset and Edit Profile policies

Sign Up and Sign In

Sign In Up policy enable users to register and create an account or to log into this Azure AD B2C Tenant.

To create  a user Sign Up/In user flow , just follow the steps as shown in the following picture

Edit Profile 

Edit Profile policy enable users to complete or update their profile for this  Azure AD B2C Tenant.

To create  a Edit Profile user flow , just follow the steps as shown in the following picture

Password Reset

Password Reset policy enable users to change their password for this  Azure AD B2C Tenant.

To create a Password Reset user flow , just follow the steps as shown in the following picture

 Test User flows

To  test my user flows I should register an application in my Azure AD B2C Tenant.

Go to  the azure AD B2C Tenant and then click on the link App Registrations and fill in the form accordingly

Register an application

I set the name , select the supported account types, set https://jwt.ms/  as the redirect uri as shown in the following picture.

Now the test the Sign Up Sign In policy , I have to click on Run user flow

Select the application I registered earlier and click on run user flow

I will be prompted to sign Up , so I can follow the steps to sign Up/In and get an access token

 

Code source is available here : 

• https://github.com/logcorner/LogCorner.EduSync.Speech.Front/tree/develop
• https://github.com/logcorner/LogCorner.EduSync.Speech.Query/tree/develop
• https://github.com/logcorner/LogCorner.EduSync.Speech.Command/tree/develop
• https://github.com/logcorner/LogCorner.EduSync.Speech.ServiceBus/tree/develop

Thanks for reading, if you have any feedback, feel free to post it

Regards