What’s new in Azure Active Directory B2C

Publisert på 13 februar, 2017

Senior Program Manager, Azure Active Directory

Over the past few weeks, we have introduced new features in Azure AD B2C, a cloud identity service for app developers. Azure AD B2C handles all your app’s identity management needs, including sign-up, sign-in, profile management and password reset. In this post, you’ll read about these features:

  • Single-page app (SPA) support
  • Usage reporting APIs
  • Friction-free consumer sign-up

Single-page app (SPA) support

A single-page app (SPA) is a web app that loads a single HTML page and dynamically updates the page as the consumer interacts with the app. It is written primarily in JavaScript, typically using a framework like AngularJS or Ember.js. Gmail and Outlook are two popular consumer-facing SPAs.

Since JavaScript code runs in a consumer’s browser, a SPA has different requirements for securing the frontend and calls to backend web APIs, compared to a traditional web app. To support this scenario, Azure AD B2C added the OAuth 2.0 implicit grant flow. Read more about using the OAuth 2.0 implicit grant flow or try out our samples:

  • A SPA, implemented with an ASP.NET Web API backend
  • A SPA, implemented with a Node.js Web API backend

Both samples use an open-source JavaScript SDK (hello.js). Note that the OAuth 2.0 implicit grant flow support is still in preview.

Usage reporting APIs

A frequent ask from developers is to get access to rich consumer activity reports on their Azure AD B2C tenants. We’ve now made those available to you, programmatically, via REST-based Azure AD reporting APIs. You can easily pipe the data from these reports into business intelligence and analytics tools, such as Microsoft’s Power BI, for detailed analyses. With the current release, 4 activity reports are available:

  • tenantUserCount: Total number of consumers in your Azure AD B2C tenant (per day for the last 30 days). You can also get a breakdown by the number of local accounts (password-based accounts) and social accounts (Facebook, Google, etc.).
  • b2cAuthenticationCount: Total number of successful authentications (sign-up, sign-in, etc.) within a specified period.
  • b2cAuthenticationCountSummary: Daily count on successful authentications for the last 30 days.
  • b2cMfaRequestCountSummary: Daily count of multi-factor authentications for the last 30 days.

Get started using the steps outlined in this article.

Friction-free consumer sign-up

By default, Azure AD B2C verifies email addresses provided by consumers during the sign-up process. This is to ensure that valid, and not fake, accounts are in use on your app. However, some developers prefer to skip the upfront email verification step and doing it themselves later. This friction-free sign-up experience makes sense for certain app types. We’ve added a way for you to do this on your “Sign-up policies” or “Sign-up or sign-in policies”. Learn more about disabling email verification during consumer sign-up.

Feedback

Keep your great feedback coming on UserVoice or Twitter (@azuread, @swaroop_kmurthy). If you have questions, get help on Stack Overflow (use the ‘azure-active-directory’ tag).