Azure Active Directory B2C as a Microservice

Question

I've been looking at implementing a Identity Microservice (as per the eShopOnContainers sample ... https://github.com/dotnet-architecture/eShopOnContainers) and I was wondering if it was possible to implement the Identity Microservice in such a way that you could use any Identity Provider you wanted, including Active Directory B2C?

Perhaps I'm over-thinking this but what I'm asking is, is it possible to have the Identity Microservice loosely coupled to AD B2C? Are there any examples (in GitHub for example) that demonstrate this?

Thanks in advance.

Answer 1

After much reading and research, I ended up using AD B2C directly to authenticate my client apps as well as my API endpoints exposed through Azure API Manager. My microservices use other forms of authentication as they are only accessible from API Manager (not publicly visible). I was able to use Custom Policies to implement my own logic when a user signs up/signs in.

Identity Server 4 looks like a great option if you want to have a finer level of control and configuration ... and I may end up using this solution in the future.

But for now, AD B2C meets all my needs so I'm happy to use it as if it was a microservice on its own.

Answer 2

(Moving from comments to Answer)

Using Azure AD B2C you can have N number of Identity Providers Where the microservices is an architectural style that structures an application as a collection of loosely coupled services. In this use case once a user is authenticates to an idenitity provider the dozens of microservices needs to be authenticated. Please check out this blog for microservices authentication with Azure AD B2C