ComponentSpace

Forums



Azure B2C SSO SAML Integration


Azure B2C SSO SAML Integration

Author
Message
devmatic
devmatic
New Member
New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)

Group: Forum Members
Posts: 1, Visits: 9
Hello
I'm working on implementing SSO using SAML. Azure B2C is being used as the Idp.
Azure B2C will 'eventually' support SAML SSO (private preview as of now according to Microsoft Support), so I'm researching alternative solutions.
Would it be possible to use the SAML  v2.0  ASP.NET Core  Suite to build a wrapper around my B2C tenant (using the Graph API for instance), and use that as the SAML endpoint ?
Do you have any similar scenarios or previous implementations using Azure B2C ? (not Azure AD).

Thanks !

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
I'm afraid we don't have any experience with Azure B2C SAML support.
Your suggestion of a SAML IdP which uses the Graph API for the authentication implementation should work.
SAML SSO and our product are independent from the authentication mechanism employed at the IdP.
You can use whatever you like to perform the actual authentication of the user.

Regards
ComponentSpace Development
Charaka
Charaka
New Member
New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)New Member (8 reputation)

Group: Forum Members
Posts: 6, Visits: 63
Hi All,

Is there any progress on this? I also got a requirement for integrating with Azure B2C. is there any guide to do this?

Thanks,
Charaka
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Not yet I'm afraid. We have a guide for Azure AD but a guide for Azure B2C is still on our to-do list.
I don't anticipate there would be any issues as we have a number of customers who have successfully integrated.
If you do run into any issues, please contact us through the forum or via email.

Regards
ComponentSpace Development
rbrayb
rbrayb
New Member
New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)

Group: Forum Members
Posts: 4, Visits: 9
Just FYI:

https://medium.com/the-new-control-plane/connecting-the-componentspace-saml-2-0-stack-to-azure-ad-b2c-c6e8288eeb4b

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Hi Rory,

Thank you very much for the article and link.

Regards
ComponentSpace Development
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
As the IdP, Azure B2C is responsible for authenticating the user. I'm not sure if it's possible to configure Azure B2C to authenticate the user in the manner you describe using your own custom form. This isn't directly related to our SAML product. We simply receive and process the SAML response/assertion from the Azure B2C in this scenario.

Passing the username and password to the IdP is not supported by the SAML specification. 

Regards
ComponentSpace Development
rbrayb
rbrayb
New Member
New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)

Group: Forum Members
Posts: 4, Visits: 9
ComponentSpace - 9/1/2021
As the IdP, Azure B2C is responsible for authenticating the user. I'm not sure if it's possible to configure Azure B2C to authenticate the user in the manner you describe using your own custom form. This isn't directly related to our SAML product. We simply receive and process the SAML response/assertion from the Azure B2C in this scenario.

Passing the username and password to the IdP is not supported by the SAML specification. 

B2C does not allow you to use your own login form.

The only exception is to use the iframe element to embed the Azure AD B2C sign-in user interface directly into your web application - https://docs.microsoft.com/en-us/azure/active-directory-b2c/embedded-login?pivots=b2c-custom-policy

This article describes using ComponentSpace to authenticate against B2C as an IDP - https://medium.com/the-new-control-plane/connecting-the-componentspace-saml-2-0-stack-to-azure-ad-b2c-c6e8288eeb4b

You can pass the username/password for authentication using the resource owner flow but that uses OIDC - https://docs.microsoft.com/en-us/azure/active-directory-b2c/add-ropc-policy?tabs=app-reg-ga&pivots=b2c-custom-policy




ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thanks for the links and information.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search