Azure AD B2C

You can also use Azure AD B2C to manage your customers’ identities and access. You want to give your doctors’ accounts protected access to resources and services. Use Azure AD B2C to securely authenticate the doctors through their preferred identity providers.

Azure AD B2C also helps you monitor for threats like brute force attacks and denial-of-service attacks on doctors’ user accounts. To use Azure AD B2C, you first register your apps. Then, you configure user flows to set up the user’s journey to access an app.

For example, a flow for the sign-in process might go like this:

Sign-in flow for users.
  1. On their browser or mobile phone, the user goes to the app they want to access.
  2. The user is required to complete the sign-in form.
  3. If the credentials are verified and multifactor authentication is enabled, the user receives a verification code on their phone.
  4. The user provides the code they received.
  5. The user is granted access to the app.
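
The following is an added example, not Microsoft's code or part of the original page: a simplified Python model of steps 2 to 5 that also counts failed attempts, the signal a brute-force monitor watches. The class name, the code lifetime, the lockout threshold and the returned status strings are all assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 300       # assumed: verification code lifetime in seconds
MAX_FAILURES = 5     # assumed: failed attempts before the account is locked

def hash_pw(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class SignInFlow:
    """Hypothetical model of steps 2-5 for one constructed account."""
    def __init__(self, password, mfa_enabled=True):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = hash_pw(password, self.salt)
        self.mfa_enabled = mfa_enabled
        self.failures = 0
        self.pending = None              # (code, expiry) once step 3 has run

    def _fail(self):
        self.failures += 1
        return "locked" if self.failures >= MAX_FAILURES else "denied"

    def submit_form(self, password, now=None):
        """Steps 2-3: verify credentials, then issue a code if MFA is on."""
        now = time.time() if now is None else now
        if self.failures >= MAX_FAILURES:
            return "locked", None
        if not hmac.compare_digest(hash_pw(password, self.salt), self.pw_hash):
            return self._fail(), None
        if not self.mfa_enabled:
            self.failures = 0
            return "granted", None
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending = (code, now + CODE_TTL)
        return "code_sent", code         # a real service sends this to the phone

    def submit_code(self, code, now=None):
        """Steps 4-5: accept the code once, and only before it expires."""
        now = time.time() if now is None else now
        if self.failures >= MAX_FAILURES:
            return "locked"
        if self.pending is None:
            return "denied"              # no code outstanding, or already used
        expected, expiry = self.pending
        if now > expiry or not hmac.compare_digest(code.encode(), expected.encode()):
            return self._fail()
        self.pending = None              # single use: a replayed code is refused
        self.failures = 0
        return "granted"
```
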

This feature is available on a pay-as-you-go basis.

Microsoft Entra Domain Services

Microsoft Entra Domain Services lets you add virtual machines to a domain without needing domain controllers. Your internal staff users can access virtual machines by using their company Microsoft Entra credentials.

Use this service to reduce the complexity of migrating on-premises apps to Azure. An organization could also use Microsoft Entra Domain Services to handle its infrastructure if it runs apps both on-premises and in the cloud. The process might go like this:

Process for adding VMs to a domain in Microsoft Entra Domain Services.
  1. The organization deploys its apps and servers in a virtual network on Azure.
  2. Microsoft Entra Connect Sync synchronizes identity information between the on-premises Active Directory instance and the organization’s tenant in Microsoft Entra ID.
  3. The company enables Microsoft Entra Domain Services on their Microsoft Entra tenant.
  4. The apps and servers in Azure can use features like domain joining and Kerberos authentication.

This feature is available on a pay-as-you-go basis, priced by the total number of objects in your domain managed by Microsoft Entra Domain Services. Objects can include users, groups, and domain-joined computers.
