Add AAD user to Azure API catalog without password

Question

I need to programmatically add user account to Azure API Catalog portal. I use ApiManagementClient class from package Microsoft.Azure.Management.ApiManagement (3.4) and if collection Users does not have a user with a particular e-mail (Azure Active Directory has a user whose username is our company e-mail, for every user that we have in or internal Active Directory) then I'd try to call Users.CreateAsync which will take a parameter of type UserCreateParameters that consists of Email, FirstName, LastName, State and Password.

The issue here is that my user has been added to the portal manually by administrator and my password was not required for that (as it is an AAD user) but this method won't let me create a new user if I don't provide a password.

How can I add an AAD user to the API Catalog, from code and without knowing the password. Otherwise, I won't be able to add an API subscription for a user that has not been added to the portal, yet.

Answer 1

We are working a new nuget package, which has support for that. For now, you can use the rest api https://learn.microsoft.com/en-us/rest/api/apimanagement/user/createorupdate

But you would need to know the unique Id of the User in AAD System. The operation above will create a user which can log-in both using AAD or Basic Auth.

{ "properties": { "firstName": "foo", "lastName": "bar", "email": "foobar@mytenant.onmicrosoft.com" "identities" :[ "provider": "Aad", "id": "<unique id in AAd Tenant>" ] } }