Programmatically switch 'local' IdentityProvider to Username via MS Graph API in Azure AD B2C

1
votes

I'm trying to script a B2C tenant and need to switch the Local Accounts Identity Provider to be Username based instead of email as per below picture.
MS Graph API returns an empty list for the path GET https://graph.microsoft.com/beta/{tenantid}/identityproviders.
Is it possible to switch this programmatically?
I can migrate to the trustframework policy xml upload method if necessary but it seems like overkill.
enter image description here

1
azuremicrosoft-graph-apiazure-ad-b2c

1 Answers

2
votes

The scene you described should be for Azure AD B2C instead of Azure AD B2B.

It has a limitation in Microsoft Graph currently.

When we try to List identityProviders, local account identity Provider won't be listed in the response. See reference here.

The supported types for identityProviders are:

  • Microsoft
  • Google
  • Amazon
  • LinkedIn
  • Facebook
  • GitHub
  • Twitter
  • Weibo
  • QQ
  • WeChat

So I'm afraid that we can't update the local account identity Provider via Microsoft Graph API.

If you are using user flow, I think the easiest way is to change it in Azure Portal.

If you can use custom policy, modify the configuration in custom policy is necessary.