Implementing the BFF Security Pattern with EntraId (B2c)
Published Aug 2, 2023
To make your web application more secure, it is recommended to move token handling to the server side rather than the client side. For many organisations this may seem rather complex, but it doesn’t have to be.
Complete the following three steps to implement the BFF Security Pattern with AzureAd:
- Create an App Registration in Azure.
- Create an ASP.NET Core API
- Build a BFF
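Before the portal steps, here is what the finished result of step 3 looks like in code. This is an added example, not code from the article: a minimal ASP.NET Core BFF using Microsoft.Identity.Web, in which the browser only ever receives an HttpOnly session cookie while the access token stays on the server and is attached when the BFF forwards calls to the API. The `AzureAd` and `DownstreamApi` configuration section names, the `/api/{**path}` route and the `X-Requested-With` header check are assumptions made for this example; the tenant, client ID, secret and scope values come from the App Registration created in step 1.

```csharp
// Added example (not from the article): minimal BFF with ASP.NET Core + Microsoft.Identity.Web.
// Assumed appsettings sections: "AzureAd" (tenant/client/secret from the App Registration)
// and "DownstreamApi" with "BaseUrl" and "Scopes" (the scope created in step 1).
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;
using System.Net.Http.Headers;

var builder = WebApplication.CreateBuilder(args);

string[] apiScopes = builder.Configuration
    .GetSection("DownstreamApi:Scopes").Get<string[]>() ?? Array.Empty<string>();

// OpenID Connect sign-in against Entra ID; tokens are acquired and cached server-side.
builder.Services
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
    .EnableTokenAcquisitionToCallDownstreamApi(apiScopes)
    .AddInMemoryTokenCaches(); // use a distributed cache in a multi-instance deployment

// The only thing the browser holds is this session cookie: no token ever reaches JavaScript.
builder.Services.Configure<CookieAuthenticationOptions>(
    CookieAuthenticationDefaults.AuthenticationScheme, o =>
{
    o.Cookie.HttpOnly = true;
    o.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    o.Cookie.SameSite = SameSiteMode.Lax; // Lax keeps the OIDC redirect back from the IdP working
});

builder.Services.AddAuthorization();
builder.Services.AddHttpClient();

var app = builder.Build();

app.UseAuthentication();
app.UseAuthorization();

// Cookie-authenticated APIs need CSRF protection. A cross-site HTML form cannot set a custom
// header, so requiring one on /api/* blocks classic CSRF (assumed header name for this example).
app.Use(async (ctx, next) =>
{
    if (ctx.Request.Path.StartsWithSegments("/api") &&
        !ctx.Request.Headers.ContainsKey("X-Requested-With"))
    {
        ctx.Response.StatusCode = StatusCodes.Status403Forbidden;
        return;
    }
    await next();
});

app.MapGet("/login", () => Results.Challenge(
    new AuthenticationProperties { RedirectUri = "/" },
    new[] { OpenIdConnectDefaults.AuthenticationScheme }));

app.MapGet("/logout", () => Results.SignOut(
    new AuthenticationProperties { RedirectUri = "/" },
    new[] { CookieAuthenticationDefaults.AuthenticationScheme,
            OpenIdConnectDefaults.AuthenticationScheme }));

// Proxy: the BFF obtains the user's access token for the API scope and forwards the call.
app.MapGet("/api/{**path}", async (
    string path, ITokenAcquisition tokens, IHttpClientFactory httpFactory, IConfiguration cfg) =>
{
    string accessToken = await tokens.GetAccessTokenForUserAsync(apiScopes);

    var baseUrl = new Uri(cfg["DownstreamApi:BaseUrl"]!);
    var request = new HttpRequestMessage(HttpMethod.Get, new Uri(baseUrl, path));
    request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

    using var response = await httpFactory.CreateClient().SendAsync(request);
    string body = await response.Content.ReadAsStringAsync();
    return Results.Content(
        body,
        response.Content.Headers.ContentType?.ToString() ?? "application/json",
        statusCode: (int)response.StatusCode);
}).RequireAuthorization();

app.Run();
```

The front end calls `/api/...` with `credentials: 'include'` and the `X-Requested-With` header and never sees a bearer token; the BFF is the only OAuth client, so a leaked script or XSS in the SPA cannot exfiltrate tokens, and the token cache and refresh logic live where they can be audited and rotated.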
Step 1.) Create an App Registration in Azure (B2c)
To be able to authenticate users via Azure Active Directory, you must create an App Registration. Go to https://portal.azure.com, and follow these steps:
- Create an app registration
- Create a secret
- Create an Application ID URI and a scope
- Request API permissions for the scope, and grant it
1. Create an app registration
- Navigate to Azure Active Directory, and click App registrations in the menu on the left.
- Click + New registration, and fill out the form as displayed in the screenshot:
- Make sure to register the…