SimpleAuthB2C 1.0.0

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher. 
dotnet add package SimpleAuthB2C --version 1.0.0
                    


                    

                
NuGet\Install-Package SimpleAuthB2C -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="SimpleAuthB2C" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="SimpleAuthB2C" Version="1.0.0" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="SimpleAuthB2C" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add SimpleAuthB2C --version 1.0.0
                    


                    

                
#r "nuget: SimpleAuthB2C, 1.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package SimpleAuthB2C@1.0.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=SimpleAuthB2C&version=1.0.0
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=SimpleAuthB2C&version=1.0.0
                    


                            Install as a Cake Tool

SimpleAuthB2C

🚀 Simplified Azure B2C Authentication for ASP.NET Core

A lightweight, configuration-driven wrapper around Microsoft.Identity.Web that reduces Azure B2C setup from 50+ lines of code to just 1 line.

✨ Features

  • One-line setup - services.AddSimpleAuthB2C(configuration)
  • Configuration-driven - No boilerplate code, just JSON config
  • Production-ready - Built on Microsoft.Identity.Web with smart defaults
  • Zero magic - Clear, predictable, follows ASP.NET Core patterns
  • Extensible - Full access to underlying authentication builder

🎯 Benefits

Aspect Microsoft.Identity.Web SimpleAuthB2C Reduction
Setup Lines ~50 lines 1 line 98% reduction
Configuration All in code JSON-driven 100% externalized
Pipeline Setup 4+ middleware calls 1 call 75% reduction
Environment Differences Code changes Config changes only 100% no-code

🚀 Quick Start

1. Install Package

dotnet add package SimpleAuthB2C

2. Configure (appsettings.json)

{
  "SimpleAuthB2C": {
    "Enabled": true,
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "yourcompany.b2clogin.com",
    "TenantId": "your-tenant-id",
    "ClientId": "your-client-id",
    "ClientSecret": "your-client-secret",
    "SignUpSignInPolicyId": "B2C_1_SignUpSignIn",
    "Scopes": ["openid", "profile", "offline_access"]
  }
}

3. Setup (Program.cs)

// Add authentication
builder.Services.AddSimpleAuthB2C(builder.Configuration);

var app = builder.Build();

// Configure pipeline
app.UseSimpleAuthB2C();
app.MapSimpleAuthB2C();

app.Run();

That's it! 🎉

📋 Complete Configuration Reference

{
  "SimpleAuthB2C": {
    "Enabled": true,
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "yourcompany.b2clogin.com",
    "TenantId": "your-tenant-id",
    "ClientId": "your-client-id",
    "ClientSecret": "your-client-secret",
    "SignUpSignInPolicyId": "B2C_1_SignUpSignIn",
    "ResetPasswordPolicyId": "B2C_1_PasswordReset",
    "EditProfilePolicyId": "B2C_1_EditProfile",
    "CallbackPath": "/signin-oidc",
    "SignedOutCallbackPath": "/signout-callback-oidc",
    "Scopes": ["openid", "profile", "offline_access"],
    "Session": {
      "CookieName": "SimpleAuthB2C.Session",
      "TimeoutMinutes": 60,
      "SlidingExpiration": true,
      "HttpOnly": true,
      "Secure": true,
      "SameSite": "Lax"
    },
    "Cors": {
      "Enabled": true,
      "AllowedOrigins": ["https://yourapp.com", "https://localhost:3000"],
      "AllowedMethods": ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
      "AllowedHeaders": ["Authorization", "Content-Type", "Accept"],
      "AllowCredentials": true
    }
  }
}

🔐 Security Best Practices

Azure Key Vault Integration

{
  "SimpleAuthB2C": {
    "TenantId": "${AZURE_B2C_TENANT_ID}",
    "ClientId": "${AZURE_B2C_CLIENT_ID}",
    "ClientSecret": "${AZURE_B2C_CLIENT_SECRET}"
  }
}

Environment-Specific Configuration

Development (appsettings.Development.json):

{
  "SimpleAuthB2C": {
    "Domain": "yourcompany-dev.b2clogin.com",
    "Session": { "Secure": false },
    "Cors": { "AllowedOrigins": ["https://localhost:3000"] }
  }
}

Production (appsettings.Production.json):

{
  "SimpleAuthB2C": {
    "Domain": "yourcompany.b2clogin.com",
    "Session": { "Secure": true },
    "Cors": { "AllowedOrigins": ["https://yourapp.com"] }
  }
}

🛠️ Authentication Endpoints

SimpleAuthB2C automatically provides these endpoints:

  • GET /auth/login - Initiate login flow
  • GET /auth/logout - Sign out user
  • GET /auth/reset-password - Password reset flow
  • GET /auth/edit-profile - Profile editing flow
  • GET /auth/user - Get current user info
  • GET /auth/error - Authentication error page

🔧 Advanced Usage

Custom Configuration

builder.Services.AddSimpleAuthB2C(builder.Configuration, options =>
{
    options.Scopes = new[] { "openid", "profile", "email", "offline_access" };
    options.Session.TimeoutMinutes = 120;
    options.Cors.AllowedOrigins = new[] { "https://custom-domain.com" };
});

Integration with Authorization Policies

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("RequireAuthenticated", policy =>
        policy.RequireAuthenticatedUser());
        
    options.AddPolicy("RequireAdmin", policy =>
        policy.RequireRole("Admin"));
});

// Use in controllers
[Authorize(Policy = "RequireAuthenticated")]
public class HomeController : Controller
{
    // Your controller actions
}

🏗️ Architecture

SimpleAuthB2C is a thin wrapper around Microsoft.Identity.Web that:

  1. Follows ASP.NET Core patterns - Uses standard configuration and DI
  2. Respects configuration precedence - Environment variables > appsettings.json
  3. Provides smart defaults - Minimal configuration required
  4. Maintains full compatibility - Access to underlying AuthenticationBuilder

🆚 Comparison with Raw Microsoft.Identity.Web

Before (Microsoft.Identity.Web):

builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(options =>
    {
        options.Instance = "https://login.microsoftonline.com/";
        options.Domain = "yourcompany.b2clogin.com";
        options.TenantId = "your-tenant-id";
        options.ClientId = "your-client-id";
        options.ClientSecret = "your-client-secret";
        options.SignUpSignInPolicyId = "B2C_1_SignUpSignIn";
        options.ResetPasswordPolicyId = "B2C_1_PasswordReset";
        options.EditProfilePolicyId = "B2C_1_EditProfile";
        options.CallbackPath = "/signin-oidc";
        options.SignedOutCallbackPath = "/signout-callback-oidc";
        options.ResponseType = OpenIdConnectResponseType.Code;
        options.Scope.Add("openid");
        options.Scope.Add("offline_access");
        options.TokenValidationParameters.NameClaimType = "name";
        options.Events = new OpenIdConnectEvents
        {
            OnRedirectToIdentityProvider = context =>
            {
                // Custom policy handling
                return Task.CompletedTask;
            },
            OnRemoteFailure = context =>
            {
                // Error handling
                return Task.CompletedTask;
            }
        };
    })
    .EnableTokenAcquisitionToCallDownstreamApi()
    .AddInMemoryTokenCaches();

builder.Services.AddSession(/* ... */);
builder.Services.AddCors(/* ... */);

// Pipeline setup
app.UseSession();
app.UseCors("Policy");
app.UseAuthentication();
app.UseAuthorization();

After (SimpleAuthB2C):

builder.Services.AddSimpleAuthB2C(builder.Configuration);

app.UseSimpleAuthB2C();
app.MapSimpleAuthB2C();

📖 Documentation

🤝 Contributing

Contributions welcome! Please read our Contributing Guide.

📄 License

MIT License - see LICENSE file for details.

🆘 Support

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.0 133 8/14/2025

v1.0.0 Initial Release: 🚀 LAUNCH: Simplified Azure B2C authentication for ASP.NET Core. ✨ FEATURES: One-line setup, configuration-driven, built on Microsoft.Identity.Web. 🎯 BENEFITS: 98% less code, zero boilerplate, production-ready defaults.