Today we are delighted to announce the general availability of Azure Active Directory B2C in North America (please read the note on “Production-scale“ B2C tenants below). The service has seen explosive growth in usage and interest since its preview announcement. Multiple enterprises and governments, including Real Madrid and the State of Indiana, have already gone live on it, and many others are expected to do so within the next quarter. In addition, Azure Active Directory (Azure AD) B2C will remain free of charge until early 2017. Now is a great time to start!
What is Azure AD B2C?
Azure AD B2C is a cloud identity and access management service purpose-built for app developers. It is a game changer for organizations of all sizes that want to offer consumers secure access to their apps, by allowing consumers to reuse their existing social accounts or creating new app-local ones. It lets you focus on your app’s core functions and on growing its consumer base, by handling all of the app’s identity management needs, and not just sign-in. Built on Azure AD, the cloud identity platform that handles billions of authentications per day, Azure AD B2C is a highly-available service that can scale to hundreds of millions of identities. It is completely customizable, integrating invisibly and seamlessly into your apps. If you have multiple apps, you can enable single sign-on for them all. In addition, Azure AD B2C makes it simple for consumers to manage their own accounts with self-service journeys such as sign-up, profile management and password reset.
What’s available today?
Secure identities: Your consumers can bring their existing social accounts (Facebook, Google, LinkedIn, Amazon, Microsoft account) or create new app-specific accounts (usernames and passwords local to your app). You can also add multi-factor authentication to your app and give consumers an extra layer of security.
“Azure Active Directory B2C has helped the Indiana Office of Technology solve a long-standing problem where citizens required different logins to access every State application. With Azure Active Directory B2C, Hoosiers have the ability to create a secure and easy to use ID that will allow them to safely do business with the State, while only remembering one username and password. Our initial deployment of Azure Active Directory B2C with the Indiana Secretary of State’s INBiz application has been an overwhelming success and we are looking at using Azure Active Directory B2C for all future applications and retroactively applying the technology to legacy applications that require a citizen login.” – Bryan Long, Cloud Architect – Indiana Office of Technology
Seamless experience: You have pixel-perfect control of your application’s consumer experience; our service stays completely hidden from view. Real Madrid used this capability to ship compelling mobile (iOS, Android, Windows Phone) and web apps for its fans.
“Azure Active Directory B2C helps us bring the stadium closer to our 450 million fans around the globe with simplified registration and login through social accounts like Facebook, or traditional username/passwords login. We’re able to provide a seamless experience across mobile applications on any platform. By using Azure Active Directory B2C we were able to build a fully customized login page without having to build custom code. Additionally, with a Microsoft solution in place, we alleviated all our concerns about security, data breaches, and scalability.” – Rafael de Los Santos, Head of Digital – Real Madrid
Highly customizable journeys: We provide out-of-the-box consumer journeys such as sign-up, sign-in, sign-up or sign-in, profile editing and password reset so that developers don’t have to hand code them. These consumer journeys can be tailored (branding, token, session and SSO configuration, information collected from consumers and claims passed back to the app) to match the needs of each app.
Developer experience: Azure AD B2C supports industry-standard protocols – OpenID Connect and OAuth 2.0. You can secure your mobile, web and native apps using Microsoft’s authentication libraries or open-source ones. Check out our documentation and samples at aka.ms/aadb2c.
Extensible directory: Your B2C tenant can store hundreds of millions of consumer profiles. It is also fully programmable via a RESTful API (“Graph API”). Most importantly, you own your consumers’ data and manage your app’s terms of use.
Cloud-first: Our cloud identity service is secure, reliable and highly-available (SLA of 99.9%). It is built on the same technology infrastructure that powers a billion-plus Azure AD sign-ins per day.
Superior economics: Our consumption-based pricing model, which comes into effect after the free period, beats the total cost of ownership of on-premises systems.
Important note on “Production-scale” B2C tenants
We recently deployed new servers in our North American data centers exclusively for Azure AD B2C. B2C tenants hosted on these servers can scale up to hundreds of millions of consumer identities per tenant. You should run your production apps ONLY on these “Production-scale” B2C tenants in North America. You can get one by creating a new B2C tenant in the following countries or regions: United States, Canada, Costa Rica, Dominican Republic, El Salvador, Guatemala, Mexico, Panama, Puerto Rico and Trinidad and Tobago.
Those of you outside of North America can consider using North American B2C tenants if they meet your needs. We plan to make Azure AD B2C generally available in other countries or regions over the next few months.
Information about your tenant type is available in your B2C Admin UI. If it says “Production-scale tenant”, you are good to go. If you have an existing “Preview tenant”, you must use it ONLY for development and testing.
What’s next?
- GA in Europe and Asia-Pacific: Watch this space for general availability announcements for other countries or regions over the next few months.
- Multi-language support: Azure AD B2C will render pages in 21+ languages (and their regional variants). Upload your own text content (labels, error messages and so on) to further customize your application’s experience.
- Access token support: Use access tokens to manage the communication between your app’s client and server components.
- Roadmap: Check out our roadmap online and vote for your favorite features on Azure UserVoice.
In summary
Today’s milestone is a beginning. We are focused more than ever on making developers successful on our identity platform. We will evolve Azure AD B2C rapidly, as it is built on our cloud-scale identity service, purpose-built to securely orchestrate identity providers, claims providers and restful services while giving developers complete control over user experiences and scaling to handle hundreds of millions of consumers, partners and devices. Reach out to us at aaddev@microsoft.com to learn more.
Resources to get started
- You can find our documentation and samples at aka.ms/aadb2c.
- Get help on Stack Overflow (use the azure-active-directory tag).
- Visit our web page at https://azure.com/azuread-b2c.
- Tweet us (@azuread) or me (@swaroop_kmurthy).
Regards,
Swaroop Krishnamurthy, on behalf of the Azure AD B2C engineering team