Enterprise B2C portal



US based company required to develop a centralized portal for internal users (Corp, Sales and Ops), External clients (Salesforce existing clients, Subcontractor partners (Salesforce existing vendors), public/anonymous client prospects, public/anonymous subcontractor prospects) providing varying/appropriate authentication & access and presenting them with a list of services as per their roles & permissions.

Below are the main features implemented in this portal:

  • Authentication of Internal users via Active Directory
  • Authentication of External (known clients and partner-vendors) users via B2C-MFA-Azure Tenant methods
  • Facility for new client prospects to request an order of magnitude non-qualified quote by providing specific N/Q Quote form inputs.
  • Facility for new subcontractor prospects to request con by providing specific N/Q Quote form inputs.
  • User’s post authentication, as per their role defined, they will be able to access the services in the portal – presents the features access.
  • It supports following user types:
    • Internal Users
    • External Clients
  • It provides following services such as:
    • Login authentication via B2C MFA Azure service
    • Submit Order for the list of client’s services.
    • Data Exchange –using DropBox storage provider.
    • Direct access request-response to Salesforce for specific client data
    • Pass data to a queue or directly to MS Azure DataLake Gen2

Azure Active Directory B2C tenant method:

Azure Active Directory B2C provides business-to-customer identity as a service. Your customers use their preferred social, enterprise, or local account identities to get single sign-on access to your applications and APIs. Azure Active Directory B2C (Azure AD B2C) is a customer identity access management (CIAM) solution capable of supporting millions of users and billions of authentications per day. It takes care of the scaling and safety of the authentication platform, monitoring and automatically handling threats like denial-of-service, password spray, or brute force attacks.


Azure AD B2C uses standards-based authentication protocols including OpenID Connect, OAuth 2.0, and SAML. It integrates with most modern applications and commercial off-the-shelf software.


Submit Order:

This service is available for External client group. Using it they can submit the work order for the list of services access they have for. 3rd Party storage provider is being used to upload/download document to and from i.e., DropBox. As soon as order is submitted, this data is being captured by Salesforce in the form of opportunity, it processes the order and an unique Salesforce identifier is stored against each order. This allows real time status changes for each order for the clients.


View Orders:

It allows clients to see all their orders by status i.e., Unsubmitted, Pending/Active, Completed or All orders.


External Client Activity in the portal:

External client is authenticated via Azure B2C MFA service and depend on group assigned to this user, following list of service this user can access:

  • Request a quote:
    • External authenticated client would have facility to request for a quote.
    • This application will provide predefined set of questionnaires for the same.
    • Once information has been submitted by the client, administrator will get a notification and able to access it via portal to analyze and provide a quote for the same.
  • Access to Salesforce community:
    • External client user will be able to access salesforce client community if access is given to an assigned role.
  • Submit work order.
  • Data Exchange:
    • If external client wants to share some artifacts, some other documents then system would allow them to share it via a secured option like DropBox.
  • Access to CAM and PPM data and reports.

System Architecture:

System architecture for this portal is defined considering the facts that it will streamline the external clients and the internal operations access. To be effective, an architecture must have several qualities or characteristics that will have to be taken into the consideration while defining the system.

A system architecture is the conceptual model that defines the structure, behavior, and more views of a system. An architecture description is a formal description and representation of a system, organized in a way that supports reasoning about the structures and behaviors of the system.

Proposed system architecture defined considering the facts that it will streamline the external clients and the internal operations access. To be effective, an architecture must have several qualities or characteristics that will have to be taken into the consideration while defining the system.

Below are some of the important characteristics that are considered while defining the system architecture.


Security is necessary to provide integrity, authentication, and availability. Software security is one major concern that is required to build trustworthy software systems.


An architecture should be strong and not be vulnerable to minor changes in the systems. This specifically focuses on handling unexpected termination and unexpected actions.


The architectures should prove to be durable with the passage of time and be resilient to changes in the business and technical environments that might occur over the lifetime of the architectures.


This is an ability of a software to grow and manage increased demand. The scalability of software is important to growing businesses. After all, it is typically more economical to upgrade current systems than replace them with new ones.


The architectures must be flexible and be able to adapt to changing conditions and provide enough guidance for implementation teams that have the knowledge of their discipline to make the important and necessary decisions about technical problems and opportunities.


It should be possible to verify that the architecture will perform as designed and that there would not be side effects that result from the architecture and the parts of the enterprise that it impacts.


Traceability is also important for analysis. If a requirement changes, then you can use traceability to determine the impact of change.


This characteristic specifically refers to the ease with which you can repair, improve and understand the system. This is an important characteristic that is important factor eases developer effort, decreases costs, and frees up resources.

Loosely Coupled

Loosely coupled system can be measured by mapping the maximum number of element changes that can occur without adverse effects.

Below is the system diagram that explains the typical layers of a web application’s architecture:


Considering the Separation of Concerns and responsive support Model-View-Controller (MVC) architecture is recommended as it is considered as one of the most trusted and powerful frameworks for developing web applications. Diagram below represents the overall architecture of the application: