Azure B2C Signup Email missing from Microsoft Graph API?

Question

We have a tenant where we use Azure B2C for handling logins to a customer portal we are developing. When we create a user we are able to choose which login type we would like to use. Here we choose "Email" and complete the registration.

In the API we fetch all the users via Microsoft Graph API and none of the fields returned contain the "Email" we chose while registrering the user.

When running /me/ through the Graph API we see the "Mail"-field is filled, but not while querying /users/.

UserPrincipalName is diplaying the correct email when browsing the user in the Azure B2C Control Panel. But the Graph API query shows userPrincipalName as {guid}@{tenant}.onmicrosoft.com.

In addition the email property is empty and disabled in Azure B2C.

How do I extract the "Email" used in the registration of a new user in Azure B2C via the Microsoft Graph API?

Screenshot showing before and after registration

Response from Microsoft Graph API:

{Microsoft.Graph.User}  Microsoft.Graph.User
    DisplayName "MyEmail Test"  
    Id  "c04b6e19-503c-4035-b2ab-c763765b8e4c"  
    ODataType   "microsoft.graph.user"  
    UserPrincipalName   "916863de-42ac-449e-bec6-6f59d706c870@{tenant}.onmicrosoft.com" 

Answer 1

The E-mail address is added to the signInNames property of the user object but signInNames property is not available in the Graph API.

You can get the email of the Azure AD B2C user with from identities collection using below query.

https://graph.microsoft.com/beta/users/userid?select=identities

Regarding the mail user attribute, it stores the SMTP address for the user. Example: when you send the B2C user invite (verification code for their mailbox) then the user email is added to the mail attribute.

Please refer the User attributes document https://learn.microsoft.com/en-us/azure/active-directory-b2c/user-profile-attributes