The difference in authentication between Azure Active Directory B2B and B2C

POWERAPPS PORTAL PART 3

Azure Active Directory (Azure AD) is Microsoft’s identity provider for the PowerApps portal. I wrote about this in a previous blog. There are multiple ways to deploy Azure AD within the portals and today I’m going to highlight Azure AD B2B and Azure AD B2C.

 

Choose between Azure AD B2B or B2C

When making a choice between B2B or B2C, it is wise to think about how you will use the Portal, what the situation is in your organization and the trade-off between the advantages and disadvantages of the different methods. I’ll list them for you.

Azure AD is Microsoft’s cloud-based identity and access management service that lets you sign in and access all of your resources. Looking at Azure AD B2B, you can create guest users and external partners while retaining control over your own data. With Azure AD B2B you invite guest users, while the guest users keep their own login details. This makes it easier to maintain accounts and passwords.

Azure AD B2C, on the other hand, allows you to control how users sign up, log in, and manage their profiles. When you use Azure AD B2C, you create a separate Directory in which all external users are stored. In this way, there is a clear separation between internal employees who use your Active Directory and external users who use AD B2C. At the same time, you can enforce different types of security settings, such as MFA or password strength.

 

Automate Create Portal User Setup

The necessary settings can be automated in Azure. As a solution, in the Dynamics 365 application you use, you can configure a button which sends automatically a Portal invitation to partners or customers. When clicked, this button activates a Power Automation that performs several steps. First of all, with the data of the invited Portal user with Microsoft Graph API, you can create a new user in the Azure Directory (B2C) or send an invitation so that the user (B2B) can log in with their own credentials.

Configure portal access

With the information about the newly created Azure AD user, the portal access can be configured. To ensure that a user has access to the Portal, user settings must first be configured and refer to the Azure AD with an external identity. Then the web roles can be assigned to the user specifying what the user is allowed to do in the Portal. Finally, with a nice company invitation, the link can be sent with which a new user can activate the Portal account or log in with their own login details.

 

So? 

Moral of the story: Securing your PowerApps Portal is very important. Would you like to know more about how you can use the PowerApps Portal for your business processes? Please contact info@be-empowered.nl