B2B or B2C?

Microsoft released the Azure AD B2B and B2C services last year. The main goal of both services is to provide an Enterprises the ability to grant “external” accounts access to their services. Although there is major difference in the use of these services. Business to Business (B2B) is mainly focussed on collaboration between two different companies so people can interact and work together with for example the same application or within the same project. Business to Consumer (B2C) is meant for the Enterprise’s end-customer granting the ability to login using a single IdP (or your Social ID) to access the company’s services. Buying something online in a web shop or the downloading an invoice on the personal page of your magazine subscription are some examples of a typical B2C scenario.

The table shown below provides some guidance on how to identify the correct scenario:

31-1-2017 07-26-04

According to my experiences there is also some grey area for which the characteristics does not exactly match one of the scenarios shown above. Think about scenarios in which an Enterprise is the end-customer of a certain service the other Enterprise delivers. For example, an energy company which delivers online service to other companies to provide insights into their electricity usage of the buildings the company owns. This brings challenges like how can we assign a customer administrator role with privileges to invite other people within their company? This is more like a B2B feature in a B2C scenario. Let’s see with the future will bring for these types of scenarios. For now, it requires some creative solutioning using the B2C service….

Hybrid identity update: Pass-Through Authentication and Seamless Single Sign On

It is one of the main announcements from Ignite 2016, but now the functionalities are finally here: Pass-Through Authentication and Single Sign On. These features are added to latest Azure AD Connect release and are considered a huge game changer in the Hybrid Identity scenarios. In this post, I will elaborate on these two new features and I will also answer the question: Is ADFS a deprecated type of scenario for a hybrid identity setup? … Read more…

Access Control using Azure Active Directory

By adopting more and more different cloud applications in your organization the need for management and controls becomes crucial. Azure Active Directory in this case offers a wide set of features to support these scenarios. Some of the primary functionalities like account management, Multi-Factor Authentication and Federation support covers most of the needs on the authentication level and these are common practice nowadays. When it comes to controlling and granting access to applications or managing authorization in a cloud scenario and integrating with your environment, it suddenly starts to be a little bit blurry. This post will give a brief overview of the Azure Active Directory key Access Control features and it will provide a practice to combine these features which will help IT organizations to manage and service their organization in an efficient and compliant way. … Read more…