1

I am building a Blazor Server web app that will have locked features only accessible via paid subscription (payment handled with stripe).

I am using Azure AD B2C for user management/authentication.

I also have an Android and iOS app built with Xamarin, from which users will be able to subscribe to the service (payment handled with Android/iOS built-in payment service), and therefore have full access to the web app.

What is the right approach to save the fact that a user has completed payment, and retrieve that data on future sign up ?

I read about custom attributes in Azure AD B2C, so maybe I should build the system on top of Azure AD B2C, but I am not sure it is the appropriate approach for this use case.

Thanks in advance

Zeppelin
  • 99
  • 1
  • 8

1 Answers1

1

Yes, you could use a custom policy and custom attributes if you have a simple system where you just want to store a value and deny access during login if the value is not set.

For anything more complicated, rather store all the details in a DB and access it via a REST API.

Update

You can access the attribute direct from custom policies. You just read and write it like any other attribute.

If you want to use the Graph API, be aware the name is different.

rbrayb
  • 46,440
  • 34
  • 114
  • 174
  • The system is very simple: as you mentioned, I only need to store a boolean value (IsPremiumAccount), and retrieve it at login. It seems that I need to create a boolean custom attribute on Azure for users, and then use the Graph API to get and update that value. Do you confirm it is the right approach ? – Zeppelin May 14 '22 at 12:18