AZURE B2C INTERVIEW QUESTIONS & ANSWERS
Searching for a Azure Active Directory (Azure AD) B2C Interview Questions ? If you are an expert in Azure , then this is for you. If you are preparing for Azure Active Directory (Azure AD) B2C job interview, we will help you in clearing the interview through Wisdomjobs interview questions and answers page. Azure Active Directory (Azure AD) B2C is considered as a service which manages identitiy that lets the user to modify or customize on how their profiles in the applications can be used and controlled, like sign up and register pages.Utilize the opportunity to grab the job. There are number of developers who work on Azure. Below are the Azure Active Directory (Azure AD) B2C Interview Questions and answers which makes you comfortable to face the interviews:
Azure B2C Interview Questions And Answers
- Question 1. How Do I Add A Saas Application To B2c?Answer :B2C only supports OpenID Connect. It needs some OAuth tweaks to add in profile details. If the SaaS application can make those changes, then yes. If not, you need a bridge . To support WS-Fed and SAML 2.0 you need a bridge as described here.
- Question 2. I See That You Used Identityserver As A Bridge. Is That The Only Solution?Answer :No – you could use something like Auth0 as well. The key is that it has to be customisable and it has to be able to support both CP and RP.
- Question 3. Adfs V4.0 (server 2016) Supports Oidc. Could I Use This As A Bridge?Answer :No – ADFS v4.0 is not customisable and it only supports OIDC as a RP not as a CP.
- Question 4. How Can I Do Sso With Adfs And B2c?Answer :At the moment you can’t.As above there is no way to connect them directly. However, you could try something like:Application –> WS-Fed / SAML / OIDC –> ADFS –> WS-Fed / SAML –> IdentityServer –> OIDC –> B2C.
- Question 5. Azure B2c Runs On Azure Ad. I Can Set Up A Federated Tenant With Adfs And Azure Ad. So Why Can’t I Do This With B2c?Answer :B2C is a “different kind” of Azure AD tenant. It was developed for a use case of millions of external users that have no need for SaaS or federation.
- Question 6. Can I Use Aad Connect To Provision My Users In B2c?Answer :No – that only works for “normal” Azure AD. In addition, AAD Connect provisions users from AD. Typically, these are internal users inside a company’s intranet. B2C supports a different use case – external users not directly employed by a company and on the internet. So it wouldn’t make sense to use AAD Connect.
- Question 7. So I Can’t Programmatically Provision My Users In B2c?Answer :Yes you can via the Graph API. Have a look at the sample.
- Question 8. Does B2c Allow Sso Across Applications?Answer :All applications that can authenticate with B2C have SSO across them.
- Question 9. What About Logout From B2c?Answer :That’s more a function of OIDC and currently there is no standardised logout functionality.
- Question 10. Can I Use The Nuget Microsoft Owin Oidc Package To Connect To B2c?Answer :No not OOTB – B2C uses profiles and these profiles have to be added to the OAuth message. Refer B2C sample code.
- Question 11. So I Can’t Use Any Standard Oidc Library?Answer :Not OOTB – they require customisation.
- Question 12. What About Other Languages E.g Java?Answer :I have heard of people using a Java OIDC library that they customised.
- Question 13. I Already Have An Azure Ad Tenant. Can I Use That For B2c?Answer :No – B2C is a “different kind” of Azure AD tenant. When you create a new Azure AD tenant, you’ll see there is a check-box that asks you if this is for B2C. The Azure AD tenant is either “normal” or B2C – it can’t be both.
- Question 14. I Have A Number Of Different Logins On B2c – Local And Some Social. However, They Are All For The Same Person I.e. Me. Is There Any Way To Link All These Identities?Answer :No – not at the moment.
- Question 15. Can I Add Other Social Providers?Answer :No – not at the moment.
- Question 16. Can I Use Azure Ad B2c Features In My Existing, Employee-based Azure Ad Tenant?Answer :Azure AD and Azure AD B2C are separate product offerings and cannot coexist in the same tenant. An Azure AD tenant represents an organization. An Azure AD B2C tenant represents a collection of identities to be used with relying party applications. With custom policies (in public preview), Azure AD B2C can federate to Azure AD allowing authentication of employees in an organization.
- Question 17. Can I Use Azure Ad B2c To Provide Social Login (facebook And Google+) Into Office 365?Answer :Azure AD B2C can’t be used to authenticate users for Microsoft Office 365. Azure AD is Microsoft’s solution for managing employee access to SaaS apps and it has features designed for this purpose such as licensing and conditional access. Azure AD B2C provides an identity and access management platform for building web and mobile applications. When Azure AD B2C is configured to federate to an Azure AD tenant, the Azure AD tenant manages employee access to applications that rely on Azure AD B2C.
- Question 18. What Are Local Accounts In Azure Ad B2c? How Are They Different From Work Or School Accounts In Azure Ad?Answer :In an Azure AD tenant, users that belong to the tenant sign-in with an email address of the form <xyz>@<tenant domain>. The <tenant domain> is one of the verified domains in the tenant or the initial <…>.onmicrosoft.com domain. This type of account is a work or school account.In an Azure AD B2C tenant, most apps want the user to sign-in with any arbitrary email address (for example, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, or email@example.com). This type of account is a local account. We also support arbitrary user names as local accounts (for example, joe, bob, sarah, or jim). You can choose one of these two local account types when configuring identity providers for Azure AD B2C in the Azure portal. In your Azure AD B2C tenant, click Identity providers and then select Username under Local accounts.User accounts for applications must always be created through a sign-up policy, sign-up or sign-in policy, or by using the Azure AD Graph API. User accounts created in the Azure portal are only used for administering the tenant.
- Question 19. Which Social Identity Providers Do You Support Now? Which Ones Do You Plan To Support In The Future?Answer :We currently support Facebook, Google+, LinkedIn, Amazon, Twitter (preview), WeChat (preview), Weibo (preview), and QQ (Preview). We will add support for other popular social identity providers based on customer demand.Azure AD B2C has also added support for custom policies. These custom policies allow a developer to create their own policy that with any identity provider that supports OpenID Connect vs SAML.Get started with custom policies by checking out our custom policy starter pack.
- Question 20. Can I Configure Scopes To Gather More Information About Consumers From Various Social Identity Providers?Answer :No, but this feature is on our roadmap.The default scopes used for our supported set of social identity providers are:
- Facebook: email
- Google+: email
- Microsoft account: openid email profile
- Amazon: profile
- LinkedIn: r_emailaddress, r_basicprofile
- Question 21. Does My Application Have To Be Run On Azure For It Work With Azure Ad B2c?Answer :No, you can host your application anywhere (in the cloud or on-premises). All it needs to interact with Azure AD B2C is the ability to send and receive HTTP requests on publicly accessible endpoints.
- Question 22. I Have Multiple Azure Ad B2c Tenants. How Can I Manage Them On The Azure Portal?Answer :Before opening ‘Azure AD B2C’ in the left side menu of the Azure portal, you must switch into the directory you want to manage. Switch directories by clicking your identity in the upper right of the Azure portal, then choose a directory in the drop down that appears. For a step-by-step with images, see Navigate to Azure AD B2C settings.