Deploy and manage Active Directory B2C using ARM templates and RM PowerShell cmdlets.
When building Azure-based applications intended for generalization and multiple deployment, it would simplify both the development and deployment experience if B2C directories could be configured using the standard Azure RM template and PowerShell cmdlet functionality.
Given that an Azure AD B2C tenant should only be used for configuring Azure AD B2C, would having programmatic APIs to configure all of the Azure AD B2C settings be useful or is there more that you are looking to achieve using ARM templates?
Following. Any updates to this request, either in the roadmap or not planned at all?
Flexsoft | Sammy Vergeylen commented
We like to use a separate B2C for each environment (at least one for production use and one for dev and other environments).
We deploy our complete environment via ARM template (and added some PowerShell where needed). It would mean a big difference if the B2C could be maintained in this way as well.
"would having programmatic API’s to configure <ANY AZURE> settings be useful"
YES. That's the whole idea of automation and CI/CD: the removal of repetitive, mundane, human-error-prone tasks using ARM / PowerShell combined with (environment) variables is one of the key pillars in the success of (our) cloud. Any configuration that can be done in Azure should be represented by a properly documented way of automation. A client needs to add a fix for the password-reset link not working when using B2C from APIM (https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/33494830-go-direct-to-password-reset-from-sign-in-sign-up, please fix that as well), and they need to deploy from dev to test to acceptance to production. Policy names and page layouts need to be consistent. I simply refuse to write a manual to accomplish this; the only guidance they will receive is a properly commented PowerShell script and/or ARM template, the same as for all other infrastructure-related configurations (IAC is the future, the future is NOW).
Thanks in advance for providing this essential feature.
Best regards, Arthur
Rob Monro commented
Any way of deploying B2C through automation would be useful. It's frustrating that the public API does not seem to be currently documented or exposed. Unless I've missed them?
The lack of templating / APIs for deployment means new instances of an application cannot be automatically deployed for a new customer with their own related B2C instance.
Philip Peterhansl commented
Integration into the Terraform azurerm or Terraform azuread providers would be highly appreciated as well!
Since Adam submitted this request, and now he is on the team ..... can we get an update :D
@parakh - Like Alexander is saying below, it's a way to have a declarative way to deploy that produces the same results. Like you would with an ARM template for VMs/Apps etc.
Alexander Mason commented
Declarative (make the current state match this configuration) is far preferred to imperative (run a set of commands or APIs), especially if dealing with many different policies.
David Klassen commented
Want a way to start the process off in a predictable and uniform way.
[Deleted User] commented
Jayesh Patil commented
Is there any way we can achieve Azure AD B2C and Azure API Management Developer Portal integration via Azure Terraform or Azure ARM template right now?
Guoussev-Donskoi, Roman (MGCS) commented
Please provide an interface to create B2C programmatically; for large enterprises we need consistent creation of several B2C instances.
Simon Parker commented
Has any automation of B2C evolved and is now available?
ALEXANDER SMALL commented
We also require the ability to manage B2C tenants, please add ASAP.
Ben Sorek commented
We would like the ability to create a B2C tenant, upload custom policies, register applications and create policy keys. Not having this functionality severely impedes our ability to automate our deployments. Being able to do this either through a programmatic API or az cli would be great.
Ayers, Kevin (US - Florida) commented
I thought it was a general policy that all features in Azure were done with API\PowerShell before a UI was ever written? How is this not a standard feature?
Our organization needs a way to automate the standing up and tearing down of B2C tenants. Either through ARM templates or via the AZ cli.
Agree with the comments provided already. Having it in an ARM template and configurable for different environments is better than doing those steps manually in each place.
Wim van den Heijkant commented
We have significant issues with there not being ARM or PowerShell support for creating and setting up Azure AD B2C tenants. Our client has the policy that no changes are made to ACC or Production systems by hand. Everything needs to go through the VSTS (or Azure DevOps) pipeline. Not being able to deploy ACC and PRD from a script means room for error.
Agree with @Johan. I would like this for Dev / Test / UAT / Prod etc. ARM templates are ideal for this.