Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

When changing an Azure B2C email adress, do I need to change the UPN as well

In Azure B2C with the GraphAPI I can change the email address of an existing user with a http PATCH command: https://azure.microsoft.com/nl-nl/documentation/articles/active-directory-b2c-devquickstarts-graph-dotnet/

"SignInNames": [
{
  "type": "emailAddress",
  "value": "[email protected]"
}

This works, and I can login with the new email address.

But this leaves the UPN at the old value, do I need to set the UPN as well, or is there no harm in having the UPN stay at the old email address?

like image 963
Erik Oppedijk Avatar asked Apr 15 '16 11:04

Erik Oppedijk


People also ask

Should UPN match email address?

IT Admin: Office 365 – Why Your User Principal Name (UPN) Should Match Your Email Address. In the Windows operating system's Active Directory, a User Principal Name (UPN) is the name of a user. The User Principal Name is basically the ID of the user in Active Directory and sometimes might not be same as users' email.

What happens if I change UPN?

After a UPN change, users will need to browse to re-open active OneDrive files in their new location. Any links to the files (including browser favorites, desktop shortcuts, and "Recent" lists in Office apps and Windows) will no longer work.

What is the UPN in Azure?

In Microsoft's Active Directory the User Principal Name (UPN) is the unique sign in name or username, that uniquely identifies a user in the Directory. Microsoft uses Azure Active Directory (Azure AD) for all it's online business services (like Microsoft 365, Office 365, Dynamics 365, Power Apps, Azure, etc.)

How do I change my Azure B2C login page?

In the Azure portal, search for and select Azure AD B2C. Select User flows. Select a user flow you want to customize. Under Customize in the left menu, select Page layouts and then select a Template.


2 Answers

Yes, there is no need to update the UPN field.

like image 73
swkrish-MSFT Avatar answered Nov 15 '22 08:11

swkrish-MSFT


Using v1.0 version of Microsoft Graph API, the body of the PATCH request to change the SignIn email address should be as following:

      {"identities":[{
        "signInType":"emailAddress",
        "issuer":"yourTenantName.onmicrosoft.com",
        "issuerAssignedId":"[email protected]"
      }]}
like image 29
Roesmi Avatar answered Nov 15 '22 08:11

Roesmi