question

NickDiaz-9048 avatar image
0 Votes"
NickDiaz-9048 asked NickDiaz-9048 commented

Best Approach

We are building an application, and as part of it want to be able to grant users access to certain Azure resources, which requires them having an AAD user.

We are currently using Auth0 to authenticate users, which has the great advantage of being able to use external authentication such as LinkedIn. We are prepared to change this if there is a better solution.

Azure B2C seemed like a good option, as this does something similar, but in our testing we found that while an AAD user is created, we are unable to assign IAM permissions to these users to grant them access to resources. Is this correct?

The other approach we have is to simply create an AAD user for people who log into our app, but we want to avoid people needing two sets of authentication, and instead provide a more SSO solution. Is there a better approach that we have missed?

azure-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

Sam-Cogan avatar image
0 Votes"
Sam-Cogan answered NickDiaz-9048 commented

Azure IAM rights can only be granted to Azure AD (B2B) users, you cannot grant them to external accounts.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks for the update Sam, what would be the best course of action in the above scenario

0 Votes 0 ·