It is intended to simulate a scenario where a financial services institution is providing a customer access the customer’s insurance policy information. After many late nights and long weekends spent reading documentation and troubleshooting with Fiddler, I finished the solution which costs of a web app and web API. Over the past few weeks I spent time diving into the Flask web framework and putting my subpar Python skills to work. I began my journey to create the web app and web API I’ll be walking through setting up with this post. However, I wanted to test additional features like step-up authentication and securing a custom-built API with AAD B2C so I decided to build on top of Ray’s solution. There is a basic web application Ray Lou put together which does a great job demonstrating basic authentication. My first stop was the samples Microsoft provides. For the doing step I needed an application I could experiment with. Like many people, I learn best from reading and doing. It had been just about 4 years since I last experimented with AAD B2C, so I was due for a refresher. Along with these features, Microsoft also provides a great library in the form of the Microsoft Authentication Library (MSAL). Developers have suffered along with us carrying the burden of securely implementing the technologies into their code.ĪAD B2C exists to make the process easier by providing a modern IDaaS (identity-as-a-service) offering complete with a modern directory accessible over a Restful API, support for modern authentication and authorization protocols such as SAML, Open ID Connect, and OAuth, advanced features such as step-up authentication, and a ton of other bells and whistles. For those infrastructure folks who have had to manage customer identities in the past, you know the pain of managing these identities with legacy solutions such as LDAP (Lighweight Directory Access Protocol) servers or even a collection of Windows AD (Active Directory) forests. I’ve recently had a number of inquiries on Microsoft’s AAD (Azure Active Directory) B2C (Business-To-Consumer) offering.
0 Comments
Leave a Reply. |