Skip to content

A library for quickly configuring and running Azure AD B2C authentication and operations in a Nancy Owin web app.

License

Notifications You must be signed in to change notification settings

endpointsystems/Nancy.Owin.Security.B2C

Repository files navigation

Nancy.OWin.Security.B2C


Obsolete

This code is for Nancy 2.0.0-clinteastwood, which is at this point an ancient relic. Use at your own risk.


Nancy authentication and operations against Azure AD B2C

The purpose of this library is to provide Nancy OWin support for authentication Microsoft Azure Active Directory B2C.

How it works

  • When authenticating, you are going to use OpenID to connect and authenticate against your respective directory
  • When performing other operations (accessing someone's O365 account, or reading what groups a user belongs to in the directory) you use graph operations.

For step by step instructions on how to get started: https://endpointsystems.com/blog/introducing-nancy-owin-security-b2c

Azure Active Directory B2C

The most significant difference between Azure AD and Azure AD B2C is the extensible policy framework. Policies fully describe consumer identity experiences such as sign-up, sign-in, or profile editing. There are built-in policies for getting started, as well as the ability to create custom policies via the Identity Experience Framework.

Policies can include things like:

  • using social media accounts (Facebook, Twitter, etc.) enterprise or local accounts for registration and access
  • custom attributes for consumer data collection
  • Multi-Factor Authentication
  • User profile editing or password resetting

Note: Graph API and MSGraph were originally intended for inclusion in this project; however, it appears that Graph API will eventually be superseded by MSGraph, and given the nature of Graph API operations, it appears that the better application for anything related to Graph API operations be in a separate application altogether. That said, here is some information on MS Graph, Graph API, and Azure Active Directory.

Graph API and MS Graph

MS Graph is a REST API platform that allows developers to access the Office 365 suite. You'll use this for most development efforts revolving around Office 365 development.

What's in the graph?

While Azure AD Graph API is on its way towards general obsolescence, it is important to understand that it is the API to use if you want to interact with your Azure AD B2C tenant - not MS Graph. This tends to get a little confusing, so it's worth pointing out the differences.

MS Graph Links
Graph API Links

Azure Active Directory

Authenticate against Azure AD using personal or work credentials. For more information:

Sample App

Included in this repo is a sample application using Nancy 2.0 and Owin, authenticating and performing customer an Azure AD B2C tenant. Others will follow suit as the project progresses.

Project Status

Currently everything in the code revolves around Azure AD B2C.

Acknowledgments

Much of the code in this library currently comes from the repositories listed below:

About

A library for quickly configuring and running Azure AD B2C authentication and operations in a Nancy Owin web app.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages