I've built an entire Azure AD B2C User Management solution that is available for free on GitHub. The code samples below are part of this larger solution. Feel free to use this application as you see fit. Contact me if you run into any issues or need help consulting on your Azure AD B2C project.
I’ve gotten a few emails about my blog post on using Postman to query Azure B2C users’ extension properties using Microsoft’s Graph API. The documentation is light, but I’ve implemented this strategy over and over again, so I wrote that blog post to help other people out.
Now, I want to create a dashboard that gives administrative users the ability to manage the B2C properties of other users in their tenants. Currently, user properties need to be managed through the Azure Portal. The Azure Portal feels clunky and not very user-friendly. There is also no way for administrators of a tenant to manage the extension properties of a user through the Azure Portal. All extension properties of a user must be managed via the Microsoft Graph API.
Problems this application will solve
There are a couple of problems the initial release of the application will aim to solve.
- There is currently no way to add, remove, or update extensions of B2C users without using the Graph API. This application will be a wrapper around the Graph API integration that gives administrative users a nice, user-friendly interface for Azure B2C user management.
- No way to add roles and features to users without logging directly into Azure.
- Cannot add users easily.
Hard-to-fix problems
Some of the problems I might run into while developing this software:
- The Graph API can be set up as a separate App Registration in the Azure Portal. I would then connect to the Graph API using the generated client ID and client secret. How do you save the client ID and client secret securely? And will customers/users trust my application with their client ID and secret – this application will need to have Read/Write access to their user store.
- Can I create an OAuth connection to the existing Azure B2C environment where the user already has an account? Instead of connecting as the application, can I simply connect the authenticated user via Azure B2C OAuth?
- What type of application is this going to be? How do you distribute this application? Can this be developed as a SaaS application or do I sell the compiled application along with a license?