Scope of Services

• Design and deploy Azure Functions to handle identity events (such as user creation, modification, or access requests) in an event-driven architecture.
• Implement and manage Microsoft Entra External ID Custom Authentication Extensions to integrate with custom APIs, approval workflows, and lifecycle events for B2B and B2C users.
• Build and maintain Custom Claims Providers to enrich tokens with claims sourced from external systems or logic (e.g., department, employment status, role validation).
• Develop workflows that provision access based on defined criteria and automatically revoke access when those criteria change such as department, division, or job title changes by integrating with internal data sources and identity signals.
• Integrate custom identity flows with external systems (e.g., SQL databases, REST APIs, HR systems) to support access validation, entitlement management, and sponsor-based models.
• Ensure robust error handling, logging, and monitoring within Azure Functions and all identity-related components.
• Collaborate with external stakeholders to interpret legal and governance requirements and translate them into enforceable technical solutions.
• Document solution architecture and identity workflows using Visio or similar tools and actively contribute to improving identity governance processes.

Minimum Qualifications

• Strong hands-on experience with Azure Functions (C# or JavaScript) in production environments.
• Deep understanding of Microsoft Entra ID / Azure AD, External ID (B2B/B2C), and

identity federation principles.

• Experience with Microsoft Graph API, RESTful services, and secure API design.
• Familiarity with claims-based authentication and building custom claims providers.