Vegas J

Reputation: 63

Azure Graph API can't create local account without domain in userPrincipalAccount

I am creating users using the Azure Graph API (using Microsoft.Graph;), and I am seeing issues when I try to add local account users. I want to be able to create an account where the user can log in with a username, such as "jimmy" and not have to specify a domain. I am able to do this with the Azure Portal, but not with Graph API.

When I add users through Graph API, the issue is with the userPrincipalName. I must include a userPrincipalName, and userPrincipalName must include a domain. Conversely, when I create a user account with Azure Portal, I do not specify a userPrincipalName, and the userPrincipalName is created automatically with the format being [email protected].

In summary, I want to be able to use the graph API to create a user who can log in as "Jimmy" as I can with the Azure Portal, but I am only able to create a user who can log in as [email protected].

Upvotes: 1

Views: 353

Answers (1)

juunas

Reputation: 58763

You could generate a GUID and set the UPN to "[email protected]"? If that's what the portal does, shouldn't it be fine for your app too? If you specify an identity for the user with the username type, they should be able to log in with that.

So you can set the user's identities to something like:

{
  "identities": [{
    "signInType": "userName",
    "issuer": "mydomain.onmicrosoft.com",
    "issuerAssignedId": "jimmy"
  }]
}

And the UPN can be the generated one with the GUID.

Reference: https://learn.microsoft.com/en-us/graph/api/resources/objectidentity?view=graph-rest-1.0

Upvotes: 2
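
The approach in the answer above, written out as a full `POST /users` request body: an added example, not code from the question or the answer, and it uses the REST endpoint directly rather than the Microsoft.Graph SDK. Assumptions: the function names are hypothetical, `mailNickname` is set to the same generated GUID, the username character rule is taken from the objectIdentity reference linked in the answer, and the tenant domain and password are constructed sample values.

```python
import json
import re
import uuid
import urllib.request

GRAPH_USERS_URL = "https://graph.microsoft.com/v1.0/users"
# Assumed rule for userName sign-in names (objectIdentity reference):
# starts with a letter or digit, then letters, digits, '-' or '_'.
USERNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_-]*$")


def build_local_account(tenant_domain, username, display_name, password):
    """Return the POST /users body for a username-only local account."""
    if not USERNAME_RE.match(username):
        raise ValueError(f"invalid userName sign-in name: {username!r}")
    guid = str(uuid.uuid4())  # opaque UPN prefix; never typed by the user
    return {
        "accountEnabled": True,
        "displayName": display_name,
        "mailNickname": guid,  # assumption: reuse the GUID here
        "userPrincipalName": f"{guid}@{tenant_domain}",
        "identities": [{
            "signInType": "userName",
            "issuer": tenant_domain,
            "issuerAssignedId": username,  # what the user signs in with
        }],
        "passwordProfile": {
            "password": password,
            "forceChangePasswordNextSignIn": False,
        },
    }


def create_user(access_token, body):
    """Send the body to Microsoft Graph with a token allowed to create users."""
    req = urllib.request.Request(
        GRAPH_USERS_URL,
        data=json.dumps(body).encode("utf-8"),
        headers={"Authorization": f"Bearer {access_token}",
                 "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed sample values; prints the body without calling Graph.
    print(json.dumps(build_local_account(
        "mydomain.onmicrosoft.com", "jimmy", "Jimmy", "<password-placeholder>"), indent=2))
```
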
