Just trying to understand the concept of Azure AD. I understand that it has all federated identity concepts to log in a user based on some third part provider like Facebook and Google.
But what if a user want to register to your app instead. Cant i use azure to simply pass my email and password and a user is created. and i get change password and forgot password like basic service out of the box instead of me creating an asp.net identity based web apis and maintain identity database in SQL and expose this system to my clients.
let me know if i am thinking in wrong direction.
Yes there is.
Have a look at Azure Active Directory B2C
Edit:
Azure AD B2C is a cloud identity management solution for your web and mobile applications. It is a highly available global service that scales to hundreds of millions of identities. Built on an enterprise-grade secure platform, Azure AD B2C keeps your applications, your business, and your customers protected.
With minimal configuration, Azure AD B2C enables your application to authenticate:
- Social Accounts (such as Facebook, Google, LinkedIn, and more)
- Enterprise Accounts (using open standard protocols, OpenID Connect or SAML)
- Local Accounts (email address and password, or username and password)
With AAD B2C it's super simple to get up & running. But you're also able to customize it exactly the way you want it. Think about Sign-in & sign-up policies, branded login pages, password reset and even optional Multifactor Authentication.
For more information and examples in multiple languages: Azure AD B2C: Focus on your app, let us worry about sign-up and sign-in