We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.
That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.
Apologies for the delay.
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?Lucas Vogel commented
Hi all - just wanted to throw out there that I created a console application for adding test users to Azure AD B2C instances. You can find the code at https://github.com/elvogel/b2c. You create a b2c.json (through the command line or manually) with AppId, Tenant and Secret settings, and use the command line to create test users.
I thought I'd throw it out there from here in case anyone finds it helpful.
LucasLucas Vogel commented
I created a sample project that uses an IAuthorizationService implementation to check users against groups in the AD back end using the Graph API. Check it out: https://github.com/endpointsystems/Azure.B2C.Demos.GroupAuthorization
Brief writeup about it here: https://endpointsystems.com/blog/azure-ad-b2c-group-authorization
We are working to support SP-initiated SSO as well. However, we don’t have timing on when it would available to customers.
At the moment our recommended method for checking the identity of the current user is to check several attributes added to incoming requests. This is to allow your application to go completely in and out of memory on lower priced tiers without “always-on.” Check out the tutorial below for the header names.
We would like to have language specific auth functionality like this in the future. I am placing this item in “unplanned” to be used in future planning sessions.
thanks for your feedback!
Azure App Service Team