Skip to main content

Azure Active Directory B2B

This is an extension of Azure Active Directory Service.

Simplest way to think is if the organization wants to collaborate with another organization by sharing their applications, then the IT has to think of a way to provide access to the users.
Also policies have to be set to remove the access and restrictions around the access to applications.

Azure AD B2B does this for you.
Users will be sent a invite using which they can use their own preferred account to access the applications.
Users can use their social networking account to access the applications, while Azure AD strong policies take care of the applications that can be accessed by users.
If the organizations want to use their corporate accounts, then the users need to create a password first and use their corporate account. As per the Microsoft in the future they will collaborate for SSO so that users do not need to create new passwords.
Azure AD B2B will also allow users to be added to administrator groups.

What is the difference between Azure AD, B2B and B2C?
Azure AD
Azure AD is a identity as a service (IdaaS) for authentication and authorization of cloud applications.
Organization users login to your domain, dedicated for your organization.
Users on premise are continuously synchronized to Azure AD

Azure AD B2B
This is an extension of Azure AD. 
Users from different organizations will be provided access to your organization applications.
Members are invited to access the applications.
Cross organization collaboration

Azure AD B2C
This is similar to AD but has different functionality.
Consumer are allowed to sign-up and sign-in to your applications.
Used widely for mobile and web apps that have to be open to wider users not restricted to corporates.
Eg. You have created a new Skill app, you want to extend it to all users.
End users want to know their Skill, so they sign up for your app and use it.




Labels:

Comments

Post a Comment

Popular posts from this blog

Azure Active Directory

Azure Active directory (AAD) is a Identity as a Service. This is a smaller subset of Active directory. This is not a replacement to active directory at all. Azure active directory provides the identity services to the mobile apps and web apps in Private cloud. These apps may be connected to on-premise applications. So an SSO is enabled for these apps. So Azure active directory has very simple functionality. Create Users, Groups. Map groups to network security groups and provide the authentication to the resources. When you login to Azure portal, right upper corner of the screen has username along with the domain. Domain or tenant or organization are used interchangeably. Management of Users and Groups: Cloud identity (create users manually)  Directory synchronized identifiers (users are synchronized)  Add users Adding a cloud identity users makes the user as Guest When you do directory synchronization on Premise AD Groups are synched up wi...
Post a Comment
Read more

Kubernetes: 19. Configure Application

Configuring application consists of Configuring commands and arguments on applications Configuring environment variables Configuring secrets Docker Commands docker run ubuntu  -> Runs ubuntu container and exit, container CMD is set to [bash], so the container quitely exits docker run ubuntu echo "Hello World" -> Runs ubuntu container, prints "Hello World" exits quitely. To update the default settings, create your own image from the base image lets call this ubuntu-sleeper image FROM ubuntu CMD sleep 5 CMD can also be mentioned in the JSON format like CMD ["sleep", "5"] Note that with JSON format the first element should always be the command to execute,  for eg, it CANNOT be ["sleep 5"] Run build the new ubuntu-sleeper image and run the new image docker build -t ubuntu-sleeper .  -> Build the image docker run ubuntu-sleeper -> Run the new image So the new image will launch ubuntu container, sleep for 5 seconds and quitely ex...
Post a Comment
Read more

Kubernetes: 15. Multiple Schedulers

Custom Scheduler Kubernetes allows to create custom schedulers There can be multiple schedulers running at a same time apart from the default scheduler or A custom scheduler can replace the default kube-scheduler to become the default one So a few pods that requires additional checks apart from taints and toleration, node affinity can go through the custom scheduler before getting scheduled on the node Whereas the rest of the pods can go through the default kube-scheduler Create Custom Scheduler We can either download the kube-scheduler and run it as a service or alternatively create it using a static pod Below here we are downloading the binaries to run it The property scheduler-name is used to define the name of the scheduler, if not set then it will be defaulted to default-scheduler For your custom schedulers, update this property name to set a custom name for your scheduler For Static pods, the name can be updated directly in the pod-definition file Use kubectl create -f <pod-de...
Post a Comment
Read more