
Commit 8b70f87

Update partner-grit-iam.md
1 parent a260afb commit 8b70f87

1 file changed

+9
-20
lines changed

articles/active-directory-b2c/partner-grit-iam.md

Lines changed: 9 additions & 20 deletions
@@ -30,24 +30,22 @@ To get started, ensure the following prerequisites are met:
3030

3131
- A Grit IAM account. You can go to [Grit IAM B2B2C solution](https://www.gritiam.com/b2b2c) to get a demo.
3232
- An Azure AD subscription. If you don't have one, you can create a [free Azure account](https://azure.microsoft.com/free/).
33-
- An Azure AD B2C tenant linked to the Azure subscription. You can learn more at [Tutorial: Create an Azure Active Directory B2C tenant](tutorial-create-tenant.md).
34-
33+
- An Azure AD B2C tenant linked to the Azure subscription. You can learn more at [Tutorial: Create an Azure Active Directory B2C tenant](tutorial-create-tenant.md).
34+
- Configure your application in the Azure portal.
35+
- In the Grit Onboarding portal, create a super admin for the tenant.
3536

3637
## Scenario description
3738

3839
Contoso does business with end customers and large enterprises, like Fabrikam_big1 and Fabrikam_big2. There're small enterprise customers like Fabrikam_small1 and Fabrikam_small2 and direct business is done with end customers like Smith1 and Smith2.
3940

40-
4141
*Contoso* has web and mobile applications and develops new applications. The applications rely on user shared profile data such as, first name, last name, address, and email. They want to centralize the profile data, so applications aren't collecting and storing the data. They want to store the profile information in accordance with certain compliance and regulations.
4242

43-
4443
![Screenshot that shows the architecture diagram of how the components are connected to each other.](./media/partner-grit-iam/grit-b2b2c-architecture.png)
4544

4645
This integration is composed of the following components:
4746

4847
- **Azure AD B2C Identity Experience Framework (IEF)**: An engine that executes user journeys, which can include validating credentials, performing MFA, checking user access. It's aided by the Azure AD database and the API layer, which's configured using XML.
4948

50-
5149
- **Grit API layer**: This layer exposes user profile data and metadata about organizations and applications. The data is stored in Azure AD and Cosmos DB.
5250

5351
- **Grit Onboarding portal**: Used by admins to onboard applications and organizations.
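
Review bot: The two prerequisites added at new lines 34 and 35 are written as tasks ("Configure your application in the Azure portal.", "In the Grit Onboarding portal, create a super admin for the tenant.") inside a list whose other items name things the reader must already have, and neither links to a procedure. Suggest phrasing them as states, for example "An application configured in the Azure portal" and "A super admin for the tenant, created in the Grit Onboarding portal", each with a link to the relevant steps. The super admin item also depends on portal access that Step 1 says is obtained from Grit support, and Step 2 describes creating admins in the Admin portal, so please confirm which portal is meant and whether this item belongs in the prerequisites or after Step 1. The tenant bullet at line 33 is removed and re-added with no visible text change; if that is only whitespace, it is fine as is.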
@@ -70,18 +68,17 @@ Use the guidance provided in the following sections to get started with configur
7068

7169
### Step 1 - Setup infrastructure
7270

73-
7471
To get started with setup:
7572

7673
- Contact [Grit support](mailto:[email protected]) to obtain access.
77-
- For evaluation, the infrastructure is deployed in the Grit Azure subscription and you'll be given admin rights.
78-
- After the solution is purchased, Grit engineers install the dev, test, and production version in your Azure subscription.
74+
- For evaluation, the Grit support team will deploy the infrastructure in the Grit Azure subscription and they'll give you admin rights.
75+
- After you purchase the solution, Grit engineers will install the production version in your Azure subscription.
7976
- The infrastructure integrates with your virtual network (VNet) setup, supports APIM (third-party API management) and the firewall.
80-
- Implementation engineers can provide custom recommendations based on your infrastructure.
77+
- Grit implementation engineers can provide custom recommendations based on your infrastructure.
8178

8279
### Step 2 - Create admins in the Admin Portal
8380

84-
The Grit Admin portal is to assign administrators access to the portal where they can perform the following tasks -
81+
Use the Grit Admin portal to assign administrators access to the portal where they can perform the following tasks -
8582

8683
- Add other admins such as super, organization, application admin in the hierarchy depending on their permission level.
8784

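
Review bot: New line 75 changes "install the dev, test, and production version" to "install the production version", which alters what the customer is told they receive rather than just rewording it; please confirm that dev and test installs are no longer part of the purchase, or keep them in the sentence. At new line 74, "they'll give you admin rights" does not say what the rights apply to (the Grit Azure subscription, the deployed resources, or the portals); because this is access inside a vendor-owned subscription, state the scope. At new line 81 the sentence still reads "assign administrators access to the portal" right after naming the portal, and it ends in " -" where the list that follows wants a colon.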
@@ -95,27 +92,19 @@ To learn how to assign admin roles, check the [tutorial.](https://app.archbee.co
9592

9693
Use the Onboarding portal for one or more of your customers and their identity provider (IdP) that supports OpenID Connect (OIDC) and SAML. Onboard customers without an IdP, for local account authentication. For B2C applications, enable social authentications.
9794

98-
99-
Make sure you've Azure portal tenant access and the application is configured in the Azure portal.
100-
101-
102-
>[!NOTE]
103-
>To provide a walk-through or demo, some applications are pre-configured in the Azure AD tenant of the Onboarding portal.
104-
10595
The Onboarding portal defines the claims per application and per organization. Thereafter, the portal creates an endpoint URL for the sign-in and sign-up user flow.
10696

107-
10897
To learn how to onboard an organization, check this [tutorial](https://app.archbee.com/doc/G_YZFq_VwvgMlmX-_efmX/8m90WVb2M6Yi0gCe7yor2).
10998

11099
### Step 4 - Integrate applications using OIDC or SAML
111100

112-
The Grit Onboarding portal provides URLs to onboard the applications after onboarding a customer.
101+
After you onboard the customer, the Grit Onboarding portal provides URLs to onboard the applications.
113102

114103
Learn [how your customers can sign up, sign in, and manage their profiles](add-sign-up-and-sign-in-policy.md?pivots=b2c-custom-policy).
115104

116105
## Test the scenarios
117106

118-
Run through the authentication scenarios in the applications. Ensure there's a super admin for the tenant. You can use the Admin portal to change roles and user properties. Provide delegated access to Admin portal by inviting users.
107+
Check the authentication [scenarios](## Scenario description) in your applications. Use the Grit Admin portal to change roles and user properties. Provide delegated access to Admin portal by inviting users.
119108

120109
## Next steps
121110

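
Review bot: The link added at new line 107, "[scenarios](## Scenario description)", is not a valid Markdown link target: it carries the heading markup and a space, so it will not resolve to the section. Use the heading anchor instead, "[scenarios](#scenario-description)". This hunk also deletes "Make sure you've Azure portal tenant access and the application is configured in the Azure portal." (old line 99); the prerequisite added in the first hunk covers configuring the application but not tenant access, so that requirement is dropped unless it is restated. "Provide delegated access to Admin portal" is missing "the" and does not match "the Grit Admin portal" in the sentence before it.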