Vulnerability in EPiServer.Forms
I'm currently working with a project with a larger company who today is using CMS version 11 (pretty high) in DXP and moving forward the plan is to build a new site on version 12.
As of now, only admins and editors are logging in on the site, and the company wishes to enable their new and existing customers (50000+) to be able to log in on the site, to utilize customer-specific information and settings, integrating with the CRM.
All customers lie in an external CRM, and some data may also be saved in the CMS, like subscriptions and other website-specific settings.
Other third-party systems, not directly linked to the CMS, may want to use the same authentication to authorize customers in an SSO-like manner.
Would AAD B2C be a suitable system/tool for this approach?
I would appreciate all tips and pointers.
There are a lot of single sign-on tools. Azure B2C is an option and I have helped on solutions that implement it. As long as you can get your data from the CRM into Azure B2C, it can be used. However, larger CRM systems can be used as SSOs themselves; I've implemented sign-on for Salesforce via federated security before when the users in Salesforce can then be managed. The key thing is finding the correct sign-on provider for the organization and one that can work with Optimizely (which could be most if using standard techniques).