Vivek N

How to pre-create federated Azure AD (AAD) users in Azure AD B2C?

I have our main AAD federated to our Azure AD B2C using OpenID Connect. For metadata I'm using the following endpoint: https://login.microsoftonline.com/{tenant_id}/v2.0/.well-known/openid-configuration

This setup works fine when users sign up. When a user signs up, a user is created in B2C. But I need to create these users in advance. For this purpose, I'm using the Microsoft Graph APIs to create users. The following code creates a user in B2C, but it is not correctly linked to the AAD user. When I try to log in with the AAD user in B2C, it gives me the following error:

AADB2C99002: User does not exist. Please sign up before you can sign in.

var user = new User
{
    AccountEnabled = true,
    DisplayName = "Last, First",
    Identities = new List<ObjectIdentity>()
    {
        new ObjectIdentity
        {
            SignInType = "federated",
            Issuer = "https://login.microsoftonline.com/{tenant_id}/v2.0",
            IssuerAssignedId = "{unique_user_object_id_from_federated_active_directory}"
        }
    },
    PasswordPolicies = "DisablePasswordExpiration"
};

Upvotes: 1

Views: 1120
