Hi Greg, I’d suggest, for a start, taking a detailed look at Azure AD B2C.
Presuming you already have Azure AD for some other purpose, this might be just what you need. Most of these modern auth providers make it easy to use a variety of alternate login methods. Check out some videos on it, but there are also plenty of samples e.g. https://github.com/azure-ad-b2c/samples Regards, Greg Dr Greg Low 1300SQLSQL (1300 775 775) office | +61 419201410 mobile│ +61 3 8676 4913 fax SQL Down Under | Web: https://sqldownunder.com<https://sqldownunder.com/> |https://greglow.me From: ozdotnet-boun...@ozdotnet.com <ozdotnet-boun...@ozdotnet.com> On Behalf Of Greg Keogh Sent: Monday, 26 April 2021 8:59 AM To: ozDotNet <ozdotnet@ozdotnet.com> Subject: Sign-in with social accounts Folks, we have some old apps with their own simple credentials databases containing user, password, login count, permissions, etc. They're classic old fashioned systems. Increasing numbers of apps let you sign-in with your Facebook, Google, Microsoft, etc account these days. This is really convenient, and the security burden is taken by someone else. How can our apps participate in a social sign-in option? Has anyone done this? I imagine some terrible obstacles... ? Apps would have to be registered with the various various companies. ? The client apps might be WPF, Xamarin, Blazor or ASP.NET<http://ASP.NET>, so how would they hook into the sign-in process. ? Each company might return different types of tokens or even follow different conventions. Greg K
