Is Azure AD B2C a good fit for a public-facing web application?

I have a scenario where I want my web application front end to be able to sign up and sign in users, and then an admin to be able to assign users to some predefined roles.

I was able to do that by registering the application in Azure AD and introducing the app roles in the app's manifest file, and later I assigned a few users to their appropriate roles.

Then I implemented the default signupIn flow, but the assigned roles are not part of the returned claims in the idToken.

The idea was to send this role info in tokens to the backend API, where the [Authorize, Role="xxx"] attribute will take care of it.

Is there any other solution to this kind of scenario that I am missing?

In the documentation I see it mentions an "App Role" link on the left nav https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps but I don't see any such link on the left. Am I missing something?



Solution 1:[1]

Finally figured it out. I was not understanding the difference between an Azure AD tenant and an Azure AD B2C tenant. When I registered my app in the Azure AD tenant, created app roles from the UI and assigned users some roles after going from Enterprise app, I was able to see those roles in the returned token.
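The confusion described in this answer can be checked directly from a token. The following is an added example, not code from the original post: a debugging helper that decodes a token's claims and reports which kind of directory issued it and whether a roles claim is present. The issuer host names, the tfp claim used as a B2C hint, and the sample tokens are assumptions or constructed values; the helper does not verify the signature, so the backend API must still validate tokens itself.

```python
import base64
import json
from urllib.parse import urlparse


def decode_claims(jwt):
    """Return the JWT payload claims WITHOUT verifying the signature (inspection only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def issuing_directory(claims):
    """Heuristic: classify the issuer as 'azure-ad', 'azure-ad-b2c' or 'unknown'."""
    host = (urlparse(claims.get("iss", "")).hostname or "").lower()
    # Assumption: B2C user flows issue from *.b2clogin.com and carry a 'tfp' (policy) claim.
    if host.endswith(".b2clogin.com") or "tfp" in claims:
        return "azure-ad-b2c"
    if host in ("login.microsoftonline.com", "sts.windows.net"):
        return "azure-ad"
    return "unknown"


def role_report(jwt):
    """Summarise where the token came from and which app roles it carries."""
    claims = decode_claims(jwt)
    roles = claims.get("roles", [])
    if isinstance(roles, str):  # tolerate a single role encoded as a string
        roles = [roles]
    return {"directory": issuing_directory(claims), "roles": roles, "has_roles": bool(roles)}


def constructed_token(claims):
    """Build an unsigned sample token for this demo; not a real token."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


# Constructed sample values (placeholder tenant id, hypothetical tenant and policy names).
TENANT = "00000000-0000-0000-0000-000000000000"
AAD_SAMPLE = constructed_token(
    {"iss": f"https://login.microsoftonline.com/{TENANT}/v2.0", "roles": ["Admin"]})
B2C_SAMPLE = constructed_token(
    {"iss": f"https://contoso.b2clogin.com/{TENANT}/v2.0/", "tfp": "B2C_1_signupsignin"})

if __name__ == "__main__":
    for name, token in (("Azure AD tenant", AAD_SAMPLE), ("B2C user flow", B2C_SAMPLE)):
        print(name, role_report(token))
```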

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Raas Masood