foreign s welcome back to my channel learn smart coding this is Karthik thanks for joining with me today so in this video what I'm going to cover is how to add the authentication and authorization part in your angular application the concept that I'm going to use is very popular one and very secure one which is azure active directory business to consumer in short form we will call it as Azure adb2c so we will go through the Azure adb2c Concepts and we will also see how to do the app registration and configure these things in your web API and the angular application so now it's time to learn understand what is azure ADB to C okay so this is part one and I'm going to go through Azure 80 b2c Concepts okay so what is azure adb2c ad stands for active directory so sometimes we will abbreviate this as ad going forward and B to C Business to consumers in the cloud World be it AWS Azure Google or name it any cloud provider you will mostly hear something called as a service like infrastructure as a servers platform as a servers all these things right so basically infrastructure as a service means when provider the cloud provider provides the basic building blocks like storage visual machine then we will call it as info successor servers and you will also call it as platform as a service when the cloud provider abstracts the infrastructure and you build apps on a pre-configured platform similarly Azure adb2c follows on the same pattern it's an identity as a service meaning Azure host Azure will host all the necessary components for you to build application that allows user to sign up and login okay so let's understand that but you don't need to worry about these things whatever happens behind the scene it's as your responsibility Microsoft responsibility okay or the cloud provider responsibility we will focus only on the consumer application so when you hear the term active directory you normally think sometime like okay active directory means its Enterprise applications only for the people who work for a company can work in Azure ad b2c allows you to build apps for consumers it's still in active directory uses storage where your application can access attributes like name address you know phone numbers street address and so on but it's aimed at the consumer application so unlike the Enterprise application where you know who are the users for your application in this case we will not know who will be our user okay so if you consider my app we don't know who's going to login it could be any person in the world can log in right so Azure adb2c lets user sign up sign in to your application with either your username or password that they create and that is stored as a local account or they can actually sign in with the social accounts like Twitter Google Facebook and so many other famous or social networks okay so b2c also allows you provide the custom branding so the login experience that you saw right now was The inbuilt Branding you can actually customize that so Azure adb2c is developed in industrial standard wise such as open ID oauth and saml okay so they could create a regular username password or they could use their Google login if you allow it like you have to configure it so we will also see that in our complete course regardless of which way the user decides to log in to your application behind a scene they will all have the same type of account and the backing Azure active directory is nothing but the user store this provides the ultimate flexibility for you as well as for the users giving you even more flexibility is that you can actually customize the login experience for your users not only you can control The Branding that these users can see but you can also control what attributes they can enter like the street address name display name given name surname blah blah so many things you can actually customize all those things and Azure adb2c is perfect to be used with web apis mobiles and mobile apps and what else does your adb2c provides it also provides multi-factor authentication or also called as MFA and also integration with other third-party identification proofing companies so both of these make sure your users have their account secured so there's a strong logging and auditing available in b2c you can see course logging in and what is going on and you can also track down uh you know if there's an issue happening for a particular customer actually can track down so those auditing and logging will help us what is going to work with this Azure adp2c so the server-based applications like dotnet PHP Ruby or the node all these things uses the open ID connect for all the user experience with the app initiating login flow single page application works as well because our demo itself is for spa application which is angular so that will work for that as well mobile application works wonderfully with b2c so this application initiate a flow and integrate with the oauth to authorization code flow and of course you can secure your web services and API with b2c so they use or2 to authenticate the incoming HTTP request using tokens and it extracts info about the calling user from the claims inside the token like we saw how to decrypt the token and see what information is present so those are the things right and there are some applications which will not work with Azure adb2c okay so any application that is a long running application without a user interface those don't work with b2c Okay uh it's or a web API chain one API calling another API or web service calling another web servers all those things will not work with the adb2c so with this information come let's get into the action thanks for watching if you like my video don't forget to subscribe my channel like it share it comment it and never forget to click on the Bell icon