The art and craft of Azure Active Directory B2C

Working with large customer-focused organisations, user identity management (IdM), also known as identity and access management (IAM or IdAM), is incredibly important to get right. But how is it possible to secure a reliable and safe solution? Development teams usually have their ways to create alternatives with their own code, but at the end of the day, IdM is all about customer data and security – and it cannot be taken lightly.

To address this challenge, and guarantee the maximum satisfaction of our customers,  weCan’s choice is using Azure Active Directory B2C. AAD B2C is a consumer-focused IdaaS authentication service offered by Microsoft, which handles all authentication processes and security aspects. We gained extensive experience using Azure to best serve the needs of our flagship client OSN, and we are committed to use our expertise to provide safe solutions to all of our customers. Learn from the experience we gained from storing passwords, serving logins and managing subscriptions for 3 million customers!

What is Azure AD B2C?


Azure Active Directory B2C is a cloud-based authentication and identity management service, which creates an identity repository that uses third-party identity stores and social accounts for authorizing access. The platform allows companies to connect with their customers with ease, thus enterprises can provide their customers with a frictionless experience. AAD B2C’s most distinguishing feature is the capability to perform millions of authentication tasks in a few seconds, billions of authentications per day. Due to these advantages ADD B2C gained international recognition, and used by governments and business organizations worldwide.

The key features of Azure Active Directory B2C

Cloud-based service

AAD B2C is a cloud-based customer identity access management (CIAM) solution. Operating on a cloud-based platform allows developers to communicate with users much more efficiently, as they can reach out to users on any platform without having to worry about managing vast amounts of data.

Seamless single sign-on (SSO)

Customers can use their preferred social media, enterprise or local accounts to get instant access to applications without registration, with a single sign-on. From the business perspective, this is highly beneficial because it allows developers to link a user identity to an existing consumer profile – pulling user information from an already established consumer data system. Moreover, it is possible to match, process and deliver this to the application, and integrate it with additional data sources and services.


Since all information is stored in Azure, there is no need to deal with identity security data – therefore users would be assured of the fact that this platform is secure and reliable. The AAD B2C automatically handles threats like denial-of-service, password spray, or brute force attacks to protect customer’s identity information. It is also possible to activate the built-in threat detection and multi-factor authentication (MFA) as well, which is an important element for security and the upcoming GDPR within the European Union.

Ease of integration

The service can be effortlessly integrated into websites, mobile applications and existing technical infrastructure, regardless of the technology stack used. With a simple API model and a set of libraries, it is possible to just launch a service tenant and start right away.


Authentication is based on OpenID Connect and Azure AD’s OAuth 2.0 authorization framework. Developers can build multiple rules and policies for what is allowed in which application, and when users arrive at the web interface, they are redirected to AAD for authentication. Once authenticated, the application can call the API to retrieve data and perform business functions. If additional authentication is required, two-factor authentication can be added simply.


weCan’s favorites benefits of AAD B2C

Provides flexibility

One of our favorite benefits of AAD, is that our experts can choose from a wide range of configuration options to find the best solution for our customers’ needs. If developers opt for more complex scenarios, they can use the Identity Framework Experience designed by Microsoft. On the other hand, if a strong focus on marketing analytics is required, it is also possible to integrate Azure Active Directory B2C with CRM databases, which can help to design effective promotional strategies.

Tracks protocols and changing services

Not having to deal with complex protocols and changing services is every developer teams’ dream. With AAD B2C, our experts can forget about this hustle and bustle, because if something changes in Google’s authentication mechanisms, it is automatically managed by the platform without affecting the application which is being developed.

Accessibility and security

Microsoft releases constant updates for Azure Active Directory B2C, and with this solution, it provides an identity handling service for all new consumer-facing applications going forward. The continuous improvements in accessibility and security could be the missing piece to start a digital revolution – and with innovation as one of the core value of our company, weCan stands by implementing AAD’s solutions in order to provide our customers with the most cutting-edge service.

Advantages of Azure AD B2C from a business point of view

The list is long, not only because Azure AD B2C is highly cost effective, offering competitive pricing compared to other providers  – in addition to the fact that the first 50,000 authentications and users are free – , but also because its self-support feature reduce organisation’s costs, and its pay-as-you-go model allows to only pay for the features that have been used.

Azure AD B2C is used by government organizations from a national to a local state level in order to enable its citizens to access digital services. Morower, the benefits of AAD are experienced by companies in a wide range of sectors.

Manufacturing companies can appreciate that their customers can access and manage service and telemetry data in their applications, logistics enterprises can benefit from the security services available to their multiple brands, in particular, to be able to manage a single customer identity across all applications, while educational organisations can benefit primarily from security models used to manage access to their applications by teachers, students and their parents.