Single Sign-on and Identity

Posted 12 July 2017 12:00 AM by Manoj Shah, Digital Technical Consultant @ ClearPeople

There is little doubt that we are all being exposed to a huge number of applications in both our personal and working lives. In the corporate environment it is not uncommon to find a range of services provisioned. Some of these are internal applications provisioned predominantly to employees, contractors and partners. Increasingly, some of these applications make their way to end customers as value-added services or strategic products.

Traditionally, resources in the Microsoft world have been controlled through Active Directory. More recently, with the provision of Azure Active Directory, a comprehensive identity and access management solution is available via the Azure cloud.

What’s important to note is that Azure Active Directory is really geared towards allowing organisations to integrate line-of-business applications or SaaS applications. The Azure AD application gallery provides a huge number of applications, such as Box, Yammer and Twitter, that can all be configured for single sign-on.

Azure AD solutions are, however, generally geared for internal users and partners. Azure has recently introduced Azure B2C.

Azure B2C is provisioned as a SaaS solution that allows organisations to provide an identity and authentication mechanism for applications that are provided to their end customers. This means that the registration and sign-in process can be outsourced to Azure B2C. Software developers no longer need to concern themselves with storing and securing user information in their own custom format, and can provide features such as multi-factor authentication with ease.

Azure B2C supports OAuth 2.0, which allows applications to use access tokens to gain access to resources that are secured by an authorization server.


Azure B2C extends OAuth 2.0 and OpenID Connect through the concept of policies. Policies allow operations beyond authorization and authentication and can be customised to meet custom requirements. Furthermore, these policies can be used across multiple applications.

The following diagram provides an overview on how a web application can utilise Azure B2C:

[Diagram: Single Sign On]
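The sign-in round trip between a web application and Azure B2C, sketched as an added example (not code from the original article). It builds the authorization request with the policy passed as the `p` parameter, then validates the redirect back; the tenant, policy name, client ID and redirect URI are constructed placeholders, and the b2clogin.com host and PKCE parameters reflect Microsoft's current B2C endpoint rather than anything stated in the post.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed placeholders, not values from the article.
TENANT = "contoso"
POLICY = "B2C_1_signupsignin"  # name of the B2C policy to run
CLIENT_ID = "00000000-0000-0000-0000-000000000000"
REDIRECT_URI = "https://app.example.com/auth/callback"

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def begin_sign_in(session: dict) -> str:
    """Build the authorize URL; keep per-login secrets in the server-side session."""
    state = b64url(secrets.token_bytes(32))     # binds the callback to this browser
    nonce = b64url(secrets.token_bytes(32))     # later compared with the ID token's nonce
    verifier = b64url(secrets.token_bytes(32))  # PKCE secret, never sent in this request
    session.update(state=state, nonce=nonce, code_verifier=verifier)
    challenge = b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    query = urlencode({
        "p": POLICY, "client_id": CLIENT_ID, "response_type": "code",
        "redirect_uri": REDIRECT_URI, "response_mode": "query",
        "scope": "openid offline_access", "state": state, "nonce": nonce,
        "code_challenge": challenge, "code_challenge_method": "S256",
    })
    return (f"https://{TENANT}.b2clogin.com/{TENANT}.onmicrosoft.com"
            f"/oauth2/v2.0/authorize?{query}")

def handle_callback(session: dict, callback_url: str) -> dict:
    """Validate the redirect from B2C and return the token-request fields."""
    params = {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}
    expected = session.pop("state", None)  # single use: a replayed callback fails
    received = params.get("state", "")
    if expected is None or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: possible CSRF or replayed callback")
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error']}")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return {"grant_type": "authorization_code", "code": params["code"],
            "client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI,
            "code_verifier": session.pop("code_verifier")}
```

The returned fields are what the application posts to the token endpoint; the stored nonce must still be compared with the `nonce` claim of the ID token once its signature has been verified.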

The one limitation with Azure B2C currently is the lack of support for SAML (Security Assertion Markup Language). In the medium term this is likely to change, and it's worth considering Azure B2C for handling the security of customer-facing applications in your organisation.

The key advantages of a solution like Azure B2C are:

  • Single Sign on and Sign off
  • Industry standard security (Customer profile data is secured and maintained by Microsoft)
  • Customers can use social accounts such as Facebook, LinkedIn and Google to sign in and this functionality is maintained by Microsoft.
  • A unified and branded sign-in, registration and forgotten password experience
  • High Availability and Scalability out of the box
  • Multifactor Authentication without hassle

First published in North Starr's Starr Tech Enterprise 
