Microsoft Looks Beyond the Enterprise with Azure AD Extensions
Active Directory is used by well over 90 percent of
enterprises for authentication to core systems ranging from file servers to
various other resources connected to organizations' networks. In a key step
toward extending its reach to support partners and
customers, Microsoft today is adding two new services to Azure AD that the
company says can scale and manage external identities.
The new Azure AD B2C Basic service was designed to enable
support for customer facing apps and Azure AD B2B Collaboration will add
security for business-to-business partners. Microsoft is releasing technical
previews of both new services today. Microsoft indicated an Azure AD B2C Premium
edition is also in the works.
"You just turn on
the ability to establish trusted relationships between you and the set of
partners who you want to work with," said Alex Simons, Microsoft's senior
director for Active Directory, during a conversation prior to the announcement. The B2C (business-to-consumer) service that
targets consumers can scale to "hundreds of millions of consumer identities,"
Simons said in a
blog post, noting customers can authenticate now with Facebook and Google
credentials and soon to be supported are Microsoft Accounts. The service can
support hundreds of millions of consumer identities. The first 50,000 are free.
Microsoft posted
pricing for those with more than 50,000.
"Along with security and scale, Azure Active Directory B2C also easily
integrates with nearly any platform, and it is accessible across devices. This
functionality means that your consumers will be able to use their existing
social media accounts or create new credentials to single-sign on to your
applications through a fully customizable user experience. Optional multifactor
authentication will also be available to add additional protection."
The Azure B2B Collaboration component will allow
organizations to add contractors and business partners, while ensuring resources
are protected. It will support single sign-on to resources based on permissions
to such apps and services as Workday, Dropbox and Saleforce.com.
Simons noted that Microsoft is demonstrating it in the DevZone section at
Salesforce.com's Dreamforce, the software as a service company's annual customer
and partner event taking place this week in San Francisco.
Organizations using Azure B2B
Collaboration can create advanced trust relationships between Azure AD tenants to
share access to business applications and data, according to Simons.
A few early access partners including Real Madrid, lens
maker Carl Zeiss and Kodak Alaras acknowledged they're testing the new services
via Simons post. In the case of Kodak Alaras, the company set it up to support
thousands of partners accessing a new extranet.
"It's the equivalent of setting up a trust between two
tenants in Azure Active Directory, the difference being that it's done at an
individual group or user level between the tenants," Simons said. "So you
wouldn't just have Microsoft say ‘I trust Intel,' it would be Microsoft saying
‘oh I want these five people or these three groups that Intel has specified to
be able to use my applications.'"
Posted by Jeffrey Schwartz on 09/16/2015 at 11:29 AM