3
votes

Does Microsoft Graph already have functionalities for Azure AD B2C User CRUD?

I found these related SO questions:

But both have answers that are dated 2017, so I am wondering if there are already updates from Microsoft that I am not aware of. I still have not found any in my searches.

Below are the links I have found so far that seem to conflict with each other (some of the links were also mentioned in the other questions).

In (D), it seems to offer options for User CRUD but I am not sure if it is just for Azure AD and not for Azure AD B2C.

Any help is appreciated. Thanks!


A. Azure AD B2C: Use the Azure AD Graph API (Date: 08/07/2017) https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet
It says: You must use the Azure AD Graph API to manage users in an Azure AD B2C directory. This is different from the Microsoft Graph API. Learn more here.

B. Operations on users | Graph API reference (Last Updated: 2/12/2018) https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations
It says: We strongly recommend that you use Microsoft Graph instead of Azure AD Graph API to access Azure Active Directory resources. Our development efforts are now concentrated on Microsoft Graph and no further enhancements are planned for Azure AD Graph API. There are a very limited number of scenarios for which Azure AD Graph API might still be appropriate; for more information, see the Microsoft Graph or the Azure AD Graph blog post in the Office Dev Center.

C. Microsoft Graph or Azure AD Graph (Date: July 8, 2016) https://blogs.msdn.microsoft.com/aadgraphteam/2016/07/08/microsoft-graph-or-azure-ad-graph/

It says: In general, we recommend the use of Microsoft Graph over Azure AD Graph, as Microsoft Graph is where we are investing for Microsoft cloud services.

But then, it says at the bottom: AAD Graph Capability | Status in Microsoft Graph (March 23, 2018) 12. Manage users in a B2C tenant (set local accounts, sign in names) | Coming soon (preview)

D. Microsoft Graph: User resource type https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/resources/user

It lists options to Create, Update and Delete user.

1
Hi Marc, why did you remove the tags "azure, azure-active-directory, azure-ad-graph-api"? My understanding is that I will reach more people since the question is related to those tags anyway and might reach out to people who would know the answer. Why the need to remove them? - niki b
We are in the process of migrating an ASP.NET Web API to ASP.NET Core. This API currently uses Microsoft.Azure.ActiveDirectory.GraphClient to CRUD users through Azure AD Graph API. Microsoft Graph does not support B2C local accounts. Preview has been announced in May 2017 but I can't find any more information about it (dev.office.com/blogs/microsoft-graph-or-azure-ad-graph). Do you have any timeframe information about local account support in Microsoft Graph? We need clarification in order to proceed with our .NET Core migration. - MIMUSH-MSFTE

1 Answer

5
votes

It is a bit ambiguous but I believe it is clear from the Azure AD B2C documentation that "you must use the Azure AD Graph API to manage users in an Azure AD B2C directory".

For example, according to the Microsoft Graph API documentation, you can't create a local account in an Azure AD B2C directory with a sign-in name.

I have also experienced issues with getting and setting a few properties, including any extension properties, for users in an Azure AD B2C directory using the Microsoft Graph API.