Azure AD B2C
-
Gowtham K⏱︎
Read time:
4–5 minutesConfigure Password Expiration Policy in Azure AD B2C Using Organization Password Policy
Read More →: Configure Password Expiration Policy in Azure AD B2C Using Organization Password PolicyIntroduction: By default, local accounts in Azure AD B2C are often configured with the DisablePasswordExpiration policy, which prevents passwords from expiring. While this behavior simplifies user experience, many organizations require periodic password rotation to align with internal security standards and…
-
Gowtham K⏱︎
Read time:
3–5 minutesImplementing Secure Session Timeout in Azure AD B2C
Read More →: Implementing Secure Session Timeout in Azure AD B2CIntroduction: Before diving into application session management in Azure AD B2C, let’s consider a real-world scenario. You have a .NET web application integrated with Azure AD B2C for authentication, and your security requirement is straightforward:The user session must automatically expire…
-
Gowtham K⏱︎
Read time:
4–6 minutesAzure AD B2C Custom Policy – Preventing Email Change After Verification in the Password Reset Flow
Read More →: Azure AD B2C Custom Policy – Preventing Email Change After Verification in the Password Reset FlowIntroduction: his article explains how to hide the “Change Email” (Change Claims) button that appears in the Azure AD B2C forgot password flow when using Display Controls for email verification. We recommend you to read the Azure AD B2C custom…
-
Gowtham K⏱︎
Read time:
6–9 minutesEmail Address Validation Before Sending Verification Code in Azure AD B2C Password Reset Flow
Read More →: Email Address Validation Before Sending Verification Code in Azure AD B2C Password Reset FlowIntroduction: In a standard Azure AD B2C password reset flow, when a user clicks “Forgot your password?” they are presented with an email verification screen. The user enters their email address and clicks “Send verification code.” At this point, the…
-
Gowtham K⏱︎
Read time:
6–9 minutesImplementing User Exists Validation on Send Verification Code in Azure AD B2C Custom Policy
Read More →: Implementing User Exists Validation on Send Verification Code in Azure AD B2C Custom PolicyIntroduction: During sign-up in Azure AD B2C, users must provide an email address and verify it before creating an account. A common requirement is to check whether the email address already exists in the directory and show an error message…
-
Gowtham K⏱︎
Read time:
4–6 minutesManaging App Roles and Group Memberships for Azure AD B2C with MS Graph API
Read More →: Managing App Roles and Group Memberships for Azure AD B2C with MS Graph APIIntroduction: Azure AD B2C is a robust solution for managing customer identities, but it has certain limitations compared to Microsoft Entra ID (formerly Azure Active Directory). A key limitation is the absence of native support for app roles and group…
-
Gowtham K⏱︎
Read time:
4–5 minutesEnriching Azure AD B2C Claims with App Roles and Groups Using Azure Function and Custom Policies
Read More →: Enriching Azure AD B2C Claims with App Roles and Groups Using Azure Function and Custom PoliciesIntroduction: Azure AD B2C is a powerful customer identity solution, but it comes with some limitations compared to Microsoft Entra ID (formerly Azure Active Directory). One major limitation is the lack of native support for app roles and group claims.…
-
Gowtham K⏱︎
Read time:
4–6 minutesSecure Single Sign Out in Azure AD B2C
Read More →: Secure Single Sign Out in Azure AD B2CIntroduction: Single sign-out is a crucial feature for applications focused on security and delivering a seamless user experience. With Azure AD B2C, enabling single sign-out ensures that when users log out of one application, they are automatically signed out of…
-
Gowtham K⏱︎
Read time:
3–5 minutesConfigure Custom Domain for Azure AD B2C
Read More →: Configure Custom Domain for Azure AD B2CIntroduction: Azure Active Directory B2C (Azure AD B2C) is a powerful identity and access management service designed for customer-facing applications. Configuring a custom domain for your Azure AD B2C tenant allows you to replace the default *.b2clogin.com domain with your…
-
Gowtham K⏱︎
Read time:
1–2 minutesAzure AD B2C Conditional access policy to Bypass MFA per User
Read More →: Azure AD B2C Conditional access policy to Bypass MFA per UserIntroduction: Like Microsoft Entra ID, there is no Azure AD B2C user flows admin center to manage a particular user’s MFA. However, we can achieve it through the conditional access policy. We can set the MFA for the user flow…
Gowtham Kumar
I am Gowtham K, a traveller and tech blogger and a 10-time Microsoft Most Valuable Professional (MVP), recognized for my exceptional contributions to the Microsoft ecosystem.