I've decided on using the Microsoft.Graph .NET SDK instead of using the old Azure Graph API with manual HTTP requests.
The problem is that when I try to create a new user with some email, e.g. [email protected]
    var req = _client.Users.Request();
    var userRes = req.AddAsync(new User()
    {
        AccountEnabled = true,
        DisplayName = user.Email,
        MailNickname = user.GivenName,
        GivenName = user.GivenName,
        Surname = user.SurName,
        UserPrincipalName = user.Email,
        PasswordProfile = new PasswordProfile()
        {
            Password = user.Password,
            ForceChangePasswordNextSignIn = true
        },
        PasswordPolicies = "DisablePasswordExpiration, DisableStrongPassword",
        Country = user.Country,
        City = user.City,
        PostalCode = user.ZipCode
    }).Result;
I get an exception that says 'Property userPrincipalName is invalid'.
I'm only able to create the user when I use an email with the tenant as a domain, e.g. [email protected]
But this is not what I need.
I need to be able to create actual external users programmatically.
With Azure Graph API it works. Is there a way to make it work with the Microsoft Graph API?
Under Azure services, select Azure AD B2C. Or in the Azure portal, search for and select Azure AD B2C. In the left menu, under Manage, select Users. Select + New user.
Azure Active Directory (Azure AD) Graph is deprecated and will be retired at any time after June 30, 2023, without advance notice, as we announced in September, 2022.
Go to the app's API permissions page. Select Add a permission and then choose Microsoft Graph in the flyout. Select Delegated permissions. Use the search box to find and select the required permissions.
According to GitHub at https://github.com/Azure-Samples/ms-identity-dotnetcore-b2c-account-management, you can now use Microsoft Graph to create a new user for Azure AD B2C. Code from https://github.com/Azure-Samples/ms-identity-dotnetcore-b2c-account-management/blob/master/src/Services/UserService.cs:
    var result = await graphClient.Users
        .Request()
        .AddAsync(new User
        {
            GivenName = "Casey",
            Surname = "Jensen",
            DisplayName = "Casey Jensen",
            Identities = new List<ObjectIdentity>
            {
                new ObjectIdentity()
                {
                    SignInType = "emailAddress",
                    Issuer = tenantId,
                    IssuerAssignedId = "[email protected]"
                }
            },
            PasswordProfile = new PasswordProfile()
            {
                Password = Helpers.PasswordHelper.GenerateNewPassword(4, 8, 4)
            },
            PasswordPolicies = "DisablePasswordExpiration",
            AdditionalData = extensionInstance
        });
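An added example, not code from the linked sample or from either poster: it builds the local-account User that the answer above passes to AddAsync, with the initial password drawn from the OS CSPRNG instead of being supplied by the caller. B2CLocalUser, NewPassword and Build are hypothetical names, and it assumes .NET Core 3.0 or later (for RandomNumberGenerator.GetInt32) plus the Microsoft.Graph types already used above.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using Microsoft.Graph;

public static class B2CLocalUser   // hypothetical helper, not part of the SDK or the sample
{
    // Look-alike characters (l, I, O, 0, 1) left out; the sets are this example's choice.
    const string Lower = "abcdefghijkmnopqrstuvwxyz";
    const string Upper = "ABCDEFGHJKLMNPQRSTUVWXYZ";
    const string Digits = "23456789";

    // Draws every character from the OS CSPRNG, then shuffles so the classes
    // do not appear in a predictable order.
    public static string NewPassword(int lower, int upper, int digits)
    {
        var chars = new List<char>();
        void Take(string set, int n)
        {
            for (int i = 0; i < n; i++) chars.Add(set[RandomNumberGenerator.GetInt32(set.Length)]);
        }
        Take(Lower, lower);
        Take(Upper, upper);
        Take(Digits, digits);
        for (int i = chars.Count - 1; i > 0; i--)   // Fisher-Yates shuffle
        {
            int j = RandomNumberGenerator.GetInt32(i + 1);
            (chars[i], chars[j]) = (chars[j], chars[i]);
        }
        return new string(chars.ToArray());
    }

    // issuer: the B2C tenant, passed as tenantId in the answer's code.
    public static User Build(string issuer, string email, string displayName)
    {
        if (string.IsNullOrWhiteSpace(email) || !email.Contains('@'))
            throw new ArgumentException("expected an email address", nameof(email));
        return new User
        {
            DisplayName = displayName,
            // The external address is carried in Identities; UserPrincipalName is not set.
            Identities = new List<ObjectIdentity>
            {
                new ObjectIdentity { SignInType = "emailAddress", Issuer = issuer, IssuerAssignedId = email }
            },
            PasswordProfile = new PasswordProfile { Password = NewPassword(4, 8, 4) },
            PasswordPolicies = "DisablePasswordExpiration"
        };
    }
}
```

The returned object is passed to graphClient.Users.Request().AddAsync(...) exactly as in the answer's snippet.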
Currently, you can't use Microsoft Graph to create users in an Azure AD B2C tenant, because it doesn't support a few of the user properties (including the creationType and signInNames properties) that are used by Azure AD B2C.
You must use Azure AD Graph for this.
Note: When you create users in an Azure AD B2C tenant by setting the creationType property to LocalAccount, then the userPrincipalName property doesn't have to be set, because it's the signInNames property that contains the e-mail address of the external user.