How to add signInNames from legacy Azure AD B2C Graph to MS Graph User during migration?

Views: 31
Comments: 0
Like/Unlike: 0
Posted On: 10-Oct-2024 05:03

Share:

Rahul M...

4906 Points

26 Posts

c#.net-8.0 azure-ad-b2c

During the migration from AD B2C Graph to MS Graph API, you'll notice that the signInNames property is not available in the MS Graph User object. This article will guide you on how to migrate to the corresponding property in MS Graph User.

In Legacy Azure AD B2C Graph

Querying user like:

var response = await GetAsync<GraphResponse<User>>("/users", $"$filter=signInNames/any(x:x/value eq '{emailAddressOrUserName}')");

https://graph.windows.net/{tenant}/users?api-version=1.6&$filter=signInNames/any(x:x/value eq '{emailAddressOrUserName}')

User model as:

{
  "accountEnabled": true,
  "creationType": "LocalAccount",
  "displayName": "Alece Wu",
  "passwordProfile": {
    "password": "Test1234",
    "forceChangePasswordNextLogin": false
  },
  "signInNames": [
    {
      "type": "userName",
      "value": "AleceW"
    },
    {
      "type": "emailAddress",
      "value": "AleceW@example.com"
    }
  ]
}

In MS Graph API

In the Microsoft Graph API, both local and federated identities are stored in the user identities attribute, which is of type objectIdentity. The identities collection represents the various identities that can be used to sign in to a user account, allowing users to access their accounts using any of the associated identities.

So we don't have signInNames in MS Graph API and we will use Indentities instead of signInNames property.

Querying user like:

public async Task<User> GetByEmailAsync(string emailAddressOrUserName)
{
    var userCollection = await _graphServiceClient.Users.GetAsync((requestConfiguration) =>
    {
        requestConfiguration.QueryParameters.Filter = $"identities/any(x:x/issuerAssignedId eq '{emailAddressOrUserName}' and x/issuer eq '{tenant}..onmicrosoft.com')";                
        requestConfiguration.QueryParameters.Select = new string[] { "displayName", "givenName", "postalCode", "identities" };
    }).ConfigureAwait(false);

    return userCollection.Value.FirstOrDefault();
}

https://graph.microsoft.com/v1.0/users?$filter=identities/any(x:x/issuerAssignedId eq '<emailAddressOrUserName>' and x/issuer eq '<issuer>'&$select=id,displayName,department

Set Model as:

Identities = new List<Microsoft.Graph.Models.ObjectIdentity>()
{
    new Microsoft.Graph.Models.ObjectIdentity()
    {
        Issuer="{YourTenantName}.onmicrosoft.com",
        IssuerAssignedId="EmailAddress",
        SignInType ="emailAddress"                               
    }
}

User Model as:

var jsonObject = new JObject
    {
        { "accountEnabled", true},
        { "displayName", "Anthony Giretti"},
        { "givenName", "Anthony"},
        { "surname", "Giretti" },
        { "passwordPolicies", "DisablePasswordExpiration"},
        { "passwordProfile", new JObject
            {
                {"password", "MyPassword123456*"},
                {"forceChangePasswordNextSignIn", false}
            }
        },
        {"identities", new JArray
            {
                new JObject
                {
                    { "signInType", "emailAddress"},
                    { "issuer", $"{YourTenantName}.onmicrosoft.com"},
                    { "issuerAssignedId", "AnthonyTest4@gmail.com"}
                }
            }
        }
    };