Authentication

It has been nearly two years since my initial exploration of Entra External ID for Customers - Native Authentication back in June 2024. Since then, the authentication landscape has evolved, and Microsoft has continued to enhance the capabilities of Entra External ID. In this update: Native Authentication has been extended to support Multi-Factor Authentication (MFA). One-Time Passwords (OTP) via email and SMS have been enabled as additional authentication methods. I am still keeping my fingers crossed for magic link authentication and passkey support! ...

Tl;dr I will show you typical CIAM challenges, scenarios, diagrams, and links to the repositories with the implementation of the new Azure Service—Entra External ID for Customers (CIAM). Big Picture Link to bigger picture. Introduction Entra External ID for Customers is a new Azure Tenant type that allows you to create digital identities for your customers. It is a separate tenant type, not connected with your organisation’s tenant. ...

Tl;dr Security and privacy are paramount in today’s digital age, especially regarding personal information and interactions. One innovative approach to bolstering security in digital communications, such as phone calls, is using verifiable credentials for authentication. Details Here’s a simplified explanation of how phone call authentication via verifiable credentials works. Imagine you receive a phone call from a service provider, say your customer. Instead of going through the traditional and often tedious method of answering security questions (which could be guessed or obtained by someone else), the authentication process involves a digital handshake using verifiable credentials. ...

TL;DR You started your cloud journey with AWS and you need to authenticate your first customers, partners. You don’t want to build your own authentication service - you want to use a managed service. AWS Cognito is a great solution for you. It is easy to start with, cheap, and easy to integrate with the frontend and backend. You can start with a sample solution from AWS and workshop. ...

History 2024-06-02 - Initial version 2025-03-03 - Updated Summary TL;DR With Azure AD B2C we can authenticate users via a browser-based feature - we run the OpenID Connect flow in the browser, authenticate the user via the Authorization Code flow, and get the token. But what if we want to stay with the mobile application? On the Desktop application? With Entra External ID we can use the native authentication flow. ...