Invite user as Member

Question

I'm trying to update my existing app with some new features. App uses Azure B2B API and invites users as guests. It works well, but it causes issues with some emails that marked as mastered in their tenants.

Is there a way to invite user with user type = Member?

Answer 1

Is there a way to invite user with user type = Member?

Yes, we could do that with Microsoft.Graph. The default type is Guest,we could change it with the following code. I test it with Microsoft.Graph permission: Directory.ReadWrite.All

 string authority = "https://login.microsoftonline.com/{0}";
 string graphResourceId = "https://graph.microsoft.com";
 string tenantId = "xxxxxx";
 string clientId = "xxxxxx";
 string secret = "xxxxxx";
 authority = String.Format(authority, tenantId);
 AuthenticationContext authContext = new AuthenticationContext(authority);
 var accessToken = authContext.AcquireTokenAsync(graphResourceId, new ClientCredential(clientId, secret)).Result.AccessToken;
            var graphserviceClient = new GraphServiceClient(
                new DelegateAuthenticationProvider(
                    requestMessage =>
                    {
                        requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", accessToken);

                        return Task.FromResult(0);
                    }));
            var dic = new Dictionary<string, object> { { "@odata.type", "microsoft.graph.invitedUserMessageInfo" } };

            Invitation invitation = new Invitation
            {
                InvitedUserEmailAddress = "email",
                InvitedUserMessageInfo = new InvitedUserMessageInfo { AdditionalData = dic },
                InvitedUserDisplayName = "tomsun-member",
                SendInvitationMessage = false,
                InviteRedirectUrl = "http://localhost",
                InvitedUserType = "Member" //Change the Invited User Type 
            };
            var result = graphserviceClient.Invitations.Request().AddAsync(invitation).Result;

Test Result:

Check it from Azure portal:

Update:

Add permission from Azure portal

Check the access token permission with https://jwt.io/

Update2:

Add the packages.config file.

<?xml version="1.0" encoding="utf-8"?>
<packages>
  <package id="Microsoft.Graph" version="1.9.0" targetFramework="net471" />
  <package id="Microsoft.Graph.Core" version="1.9.0" targetFramework="net471" />
  <package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="3.19.4" targetFramework="net471" />
  <package id="Newtonsoft.Json" version="11.0.2" targetFramework="net471" />
  <package id="System.IO" version="4.3.0" targetFramework="net471" />
  <package id="System.Net.Http" version="4.3.3" targetFramework="net471" />
  <package id="System.Runtime" version="4.3.0" targetFramework="net471" />
  <package id="System.Security.Cryptography.Algorithms" version="4.3.1" targetFramework="net471" />
  <package id="System.Security.Cryptography.Encoding" version="4.3.0" targetFramework="net471" />
  <package id="System.Security.Cryptography.Primitives" version="4.3.0" targetFramework="net471" />
  <package id="System.Security.Cryptography.X509Certificates" version="4.3.2" targetFramework="net471" />
</packages>

Answer 2

Just a second answer to Tom's .

Yes, you can invite a user to be a member in your Tenant. But I don't recommend you do this unless it's neccessary.

Solution:

by PowerShell

New-AzureADMSInvitation -InvitedUserEmailAddress "test@contoso.com" -InviteRedirectUrl https://myapps.microsoft.com -InvitedUserDisplayName 'TestUser' -InvitedUserMessageInfo $messageInfo -InvitedUserType member -SendInvitationMessage $true

by Microsoft Graph API

POST https://graph.microsoft.com/beta/invitations

Content-Type: application/json

Content-Length: 161

{"invitedUserEmailAddress":"test@contoso.com","sendInvitationMessage":true,"inviteRedirectUrl":"http://myapps.onmicrosoft.com","invitedUserType":"member"}