问题
We have a Web API intended to serve multiple business partners, each of which will be customizing a white label version of our native app client.
We also have a Web API offering common functions to different apps.
We would like to use AD B2C as the identity and auth system, but cannot see how or if it is possible to use AD B2C to secure a common API for multiple apps. Is this achievable?
回答1:
It depends on how you want to your partners usig the account login-in. If you expected that the partners login-in using the consumer account or local account in the Azure AD B2C you own, the answer is yes.
The Azure AD B2C supports the Access Tokens from March 23, 2017(refer here). And it supports many types of clients, including web apps, desktop and mobile apps, single page apps, server-side daemons, and other web APIs.
It is same to develop an web API server for one native app or multiples apps, you only need to register the multiple apps in your B2C tenant. More detail about acquring the access token for the Azure AD B2C, you can refer the link below:
Azure Active Directory B2C: OAuth 2.0 authorization code flow
来源:https://stackoverflow.com/questions/43539757/with-azure-app-service-easy-auth-azure-ad-b2c-is-it-possible-to-secure-a-singl