Can I use Azure Active Directory B2C to secure an API contained in a non-B2C directory?
Question
I have an API which is hosted within a corporate Azure Active Directory but I want to allow non-corporate users to sign up and use the service. It looks like Azure AD B2C provides this functionality, however I am not sure how or if I can authorise access to the API based on identities created in the B2C directory. Moving the API to the B2C directory is not an option for me.
I'm also finding the entire concept a little confusing because I never want the users of my site to have the ability to administer my Azure infrastructure, so why would they ever be in the same directory together. That just seems like a security risk, am I missing something?
Is it possible to access an API hosted in a corporate Azure AD using an identity created in an Azure AD B2C directory?
1 answers
solution1
1 2020-06-30 09:22:11
It turns out this can be achieved by using the Advanced option under Authentication/Authorisation within the Azure Portal for the API you wish to secure and the steps are detailed here:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.