I just stumbled on this video, its really good and educational. At 21.15 in the video, a user can Sign up, but in this video the user was already created. My requirement in my work is slightly different, that a user should be able to log in with name and password, but we don't what users themselves to register, that is something we want as an admin functionality in our application. Is there a way to remove the Sign up functionality? Is it possible to (from our C# back end code) create the users as if they registered themselves?
Thanks for the video. I was looking for application database architecture when using B2C. What will be the link of application data in application database with B2C? Username? this can change..then you lose the connection Email address? this can also change... B2C UserId (subject claim)? If you do this then you are deviating from separation of concerns and you are coupling yourself to B2C What do you recommand?
Depends on your context. Whatever it is, is should be immutable. UserPrincipal or email is usually the one most folks use, and they don't allow it to change.
You mention in a moment that you are able to create resources under the b2c tenant. Is this what really happens? How you can do that? I've being trying to do that, but all that I managed to do is manage identities
Hi, Thank you it worked, but after I deployed my app to azure cloud, I changed the callback uri, and it stopped working using the public domain as it always goes to the error page. any idea?
B2C provides authentication. I'm not sure what you mean by "cooking", but after the redirect, you get a claims token that information about whoever logged in.
@@Atmosera- I meant "doing" not "cooking". After redirection front end make a request for token. How SPA knows whose enter the App ? There has to be some information transfer between the logging page that redirects and SPA.
@@ukaszzbrozek6470 Yes. That's part of the token that comes back from the authentication mechanism. If you use the MSAL library with B2C, then it will parse it for you and return it as an object that you can read.
That depends on the app. You'd could federate the login from the other directory to B2C or maybe integrate the app with the demo tenant? Federating the login might be easiest.
I am trying to get my hands on Azure AD B2C for a week now and I was failing miserably until I found this. Thank you very much.
It was very helpful. Please keep making create content like this.
Hello Atmosera, I have a quick query, when the external user create account on the application. The user object will be created in the b2c AD?
do you have a video with older version like .net framework 4.6 or 4.8
I just stumbled on this video, its really good and educational.
At 21.15 in the video, a user can Sign up, but in this video the user was already created. My requirement in my work is slightly different, that a user should be able to log in with name and password, but we don't what users themselves to register, that is something we want as an admin functionality in our application.
Is there a way to remove the Sign up functionality?
Is it possible to (from our C# back end code) create the users as if they registered themselves?
How do you get this to work with localhost?
Thanks for the video.
I was looking for application database architecture when using B2C.
What will be the link of application data in application database with B2C?
Username? this can change..then you lose the connection
Email address? this can also change...
B2C UserId (subject claim)? If you do this then you are deviating from separation of concerns and you are coupling yourself to B2C
What do you recommand?
Depends on your context. Whatever it is, is should be immutable. UserPrincipal or email is usually the one most folks use, and they don't allow it to change.
Thank you. It is clear!!
great video. Thanks for sharing
Very helpful thank you.
You mention in a moment that you are able to create resources under the b2c tenant. Is this what really happens? How you can do that? I've being trying to do that, but all that I managed to do is manage identities
It's an AD Tennant, so the resources should be available there, even though they are billed back to the parent subscription. Not sure why you can't.
Hi, Thank you it worked, but after I deployed my app to azure cloud, I changed the callback uri, and it stopped working using the public domain as it always goes to the error page. any idea?
If you change the URL, you have to adjust the MSAL library to reflect it.
I don't really get what happens in the moment of logging in. After the redirection is there some cooking or something else ?
B2C provides authentication. I'm not sure what you mean by "cooking", but after the redirect, you get a claims token that information about whoever logged in.
@@Atmosera- I meant "doing" not "cooking".
After redirection front end make a request for token. How SPA knows whose enter the App ? There has to be some information transfer between the logging page that redirects and SPA.
@@ukaszzbrozek6470 Yes. That's part of the token that comes back from the authentication mechanism. If you use the MSAL library with B2C, then it will parse it for you and return it as an object that you can read.
how can i add an app from another directory (I'm using a app linked to 356 demo tenant )
That depends on the app. You'd could federate the login from the other directory to B2C or maybe integrate the app with the demo tenant? Federating the login might be easiest.
can you please share github link ?
It's in the video description. Check there.