Reputation: 141
I have this scenario working properly on ADB2C following this tutorial I can create users using ADAL. (here is the context for the scenario)
My goal is to send user invitation (email) to get him on board on my appp.
I found that on graph.microsoft.com (the MS Graph and not the AD graph) there is the invitation manager that can be used for that purpose and may be is the way that invitation gets triggered if you create user on the B2C azure portal.
AuthorizationCodeReceived = async (context) =>
{
// get authentication context
string userObjectID = context.AuthenticationTicket.Identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
AuthenticationContext authContext = new AuthenticationContext($"https://login.microsoftonline.com/{AuthenticationHelper.Tenant}", new NaiveSessionCache(userObjectID));
ClientCredential credential = new ClientCredential(AuthenticationHelper.ClientId, AuthenticationHelper.AppKey);
AuthenticationResult result = await authContext.AcquireTokenAsync("https://graph.windows.net", credential);
// ----> Token used on the authorization header for AD user management and work properly
AuthenticationHelper.Token = result.AccessToken;
// Token for MS graph
ClientCredential MSCredential = new ClientCredential(AuthenticationHelper.MSClientId, AuthenticationHelper.MSAppKey);
AuthenticationResult resultMSGraph = await authContext.AcquireTokenAsync("https://graph.microsoft.com", MSCredential);
// ----> Token used on the authorization header for MS Graph and is not working !!
AuthenticationHelper.MSGraphToken = resultMSGraph.AccessToken;
},
Thanks for your help
Upvotes: 1
Views: 1004
Reputation: 10656
The invitation manager API on the Microsoft Graph is not supported for Azure AD B2C. At this time, the invitation manager API is intended for enterprise/regular Azure AD tenants to invite other users as guests (see Azure AD B2B Collaboration).
There is already an entry in the Azure AD B2C UserVoice forum asking for the ability to send email invitation for new users to sign up. I'd recommend you vote for this entry to help us prioritize it and also to stay up to date on it's progress.
In the interim, you'll have to implement this yourself, either a simple welcome email or a more complex "redeem code" workflow.
Upvotes: 7