Azure AD B2C builds a complete identity-management framework for developers and supports signing in to your application using social networks, such as Facebook, Google, or LinkedIn, and creating developed accounts with usernames and passwords specifically for your company-owned application. Self-service password management and profile management are also provided. Additionally, Azure MFA introduces a higher grade of security to the solution. Principally, this feature allows for small, medium, and large companies to hold their customers in a separate Azure Active Directory, with all the capabilities, and more, in a similar way to the corporate-managed Azure Active Directory. With different verification options, you are also able to provide the necessary identity assurance required for more sensible transactions. Azure AD B2C takes care of all of the IAM tasks for your own development activities.

Basically, the minimum architecture with the usage of Azure AD B2C looks like the following example. As we already mentioned, Azure AD B2C provides the identity-management framework for your application:

To get a better understanding of Azure AD B2C, we'll build an example application from Microsoft that provides a small web application, including a web API. This application is a good starting point to get deeper into Azure AD B2C. We highly recommend building it in your lab environment. The application can also run against a predefined demo environment. You will find the source at https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi#Using-the-demo-environment.

Let's start our journey and log in to our administrative workstation.

In the next section, we will create the Azure AD B2C tenant.