How to implement authorization with Azure AD B2C using C#.NET

Devendra Pratap 26 Reputation points
2022-03-21T10:28:43.813+00:00

I have done authentication using Azure Active Directory B2C means user can signed in. After Signing in, User saw 5 tab buttons on navbar (i.e. Home, Privacy, Products, HR, Finance).We want to configure these as (for signed-in user):-
(1) every user can see 2 tab buttons (Home & Privacy).
(2) some specific user (i.e. HR teams) can see HR and Finance tab (means I want to give authorization)
and
(3)some other specific user can see Products tab .

Using C#.NET for this.

And I shared some picture for example purpose.

185177-image-3.png185057-image-2.png

thanks!

Azure Database Migration service
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,391 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,678 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,852 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Eric Boyd 336 Reputation points Microsoft Regional Director
    2022-03-22T02:39:08.777+00:00

    Hello @Devendra Pratap

    In your application, you can handle the OpenIdConnectEvents.OnTokenValidated event https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.authentication.openidconnect.openidconnectevents.ontokenvalidated which will fire after authentication completes and returns to your application with an AuthenticationTicket. From there, you could add additional claims to your ClaimsPrincipal. You could interrogate the Microsoft Graph API for additional information for the additional properties needed or other external systems that might contain the additional identifying properties to determine the appropriate departments or specific access.

    Here's one approach for adding additional claims.
    https://learn.microsoft.com/en-us/aspnet/core/security/authentication/claims?view=aspnetcore-6.0#extend-or-add-custom-claims-using-iclaimstransformation

    1 person found this answer helpful.
    0 comments No comments