Sunday, April 12, 2020

Azure AD B2C New Flow Types

Azure AD B2C is a great product. It allows you to create a separate directory of users who would like to consume your application. You do not need to worry about the sign-up process. Once the users have signed up with the Azure B2C tenant and sign in, Azure will return the necessary claims to the users in the token.

The Sign Up, Sign In, Password Reset and Profile Edit pages were handled by Azure AD via a web view page. Right now, there are 3 flow types.




While they were great, there was an issue that bothered me. Sign up and sign in come together. This means any user can sign up and be granted access. While I have enough ways to limit this within the application code itself, I wanted to ensure that users cannot sign up, but when I create an account, they can sign in.

One of the ways we can do this is by applying a custom page and hiding the Sign Up link with styles, which is not the best practice from an application standpoint. Therefore, I needed a separate user flow type that only allows sign in.

This is available in the new Flow Types which are in preview as v2.

Though these are still in preview, so far they work well in my test environments. As you can see, there are plenty of other options available. So if you have not tried them yet, why don't you give them a try?
