What are the best practices for Azure account setup with a B2C tenant?

0
votes

I'm trying to find information on how to best set up an Azure account/directory when leveraging a B2C tenant as part of the process. This includes how to have instances for both Production and Development.

Right now I have a primary Directory with a subscription, storage resource, and B2C tenant. But there's a second Directory which was created IIRC as part of the B2C setup. There are no resources under that Directory and I'm confused as to what its purpose is.

  1. Should I add additional resources that I need to the main Directory or under that B2C one?
  2. What exactly does that B2C directory do other than sit there? I'm so confused by its presence.
  3. Is there an easy way to clone everything and create a copy for Prod/Dev or is it all manual?

Edit: It should have been obvious but wasn't.. the reason for the additional B2C AD is that it acts a container for all your users. Makes sense once you think about it.

1
azureazure-active-directoryazure-ad-b2c

1 Answers

1
votes

1.Should I add additional resources that I need to the main Directory or under that B2C one?

It depends on you, if you want the B2C tenant be able to access Azure resources, you can link your B2C tenant to your Azure subscription. If you just want to use Azure B2C to authenticate users, there is no need to link it to azure subscription.

2.What exactly does that B2C directory do other than sit there? I'm so confused by its presence.

The B2C AD is a feature of Azure B2C, just like Azure AD. If you want to use Azure AD as the provider to your b2c sign flow, you can use this one or some other Azure AD tenants.

3.Is there an easy way to clone everything and create a copy for Prod/Dev or is it all manual?

I think you need to clone them manually. Some Azure resources also have a feature of clone. If you have some resources which need to be deployed multiple times, you can use ARM template deployment.