2

I used Microsoft Graph API PHP SDK to add user in my Azure Active Directory B2C. I managed to create users with a userPrincipalName like name@mytenantid.onmicrosoft.com.

I wasn't able to add users with a GMail address such as john.doe@gmail.com.

I tried to add the signInNames collection but I got the following response: 

Fatal error: Uncaught GuzzleHttp\Exception\ClientException: Client error:
POST https://graph.microsoft.com/v1.0/users resulted in a 400 Bad Request
response: 
   { "error": { 
       "code": "Request_BadRequest", 
       "message": "Invalid property 'signInNames'.", 
       "innerError": (truncated...)

Here is my JSON request body :

{
    "accountEnabled": true,
    "displayName": "John Doe",
    "userPrincipalName": "john@doe.fr",
    "creationType": "LocalAccount",  
    "passwordProfile" : {
        "forceChangePasswordNextSignIn": true,
        "password": "P@!ssWor?D"
    },
    "signInNames": [
        {
            "type": "emailAddress",
            "value": "john@doe.fr"
        }
     ]
}
Marc LaFleur
  • 31,987
  • 4
  • 37
  • 63
Aldwen
  • 338
  • 4
  • 14
  • 1
    [Not supported yet, see this SO post, use AAD Graph API](https://stackoverflow.com/questions/43770376/which-graph-api-should-be-used-with-azure-ad-b2c): `https://graph.windows.net` – spottedmahn Sep 08 '17 at 15:00
  • i think this functionnality was added in the 1.6 version in july. Look at https://msdn.microsoft.com/fr-fr/library/azure/ad/graph/api/users-operations (Chapter "Create a user (local account)") – Aldwen Sep 08 '17 at 15:46
  • I suspect that applies to AAD not B2C – spottedmahn Sep 08 '17 at 16:32

2 Answers2

3

You're confusing Microsoft Graph API with the Azure AD Graph API. These are two different APIs. While they share a lot of functionality, calls to these APIs are not interchangeable.

The User object in Microsoft Graph API doesn't support a signInNames property. This is why it is returning that error.

Local account users are not supported by Microsoft Graph API at the moment.

Marc LaFleur
  • 31,987
  • 4
  • 37
  • 63
0

In case if someone will still have the same problem, in MS Graph Api you can use "identities" instead of "signInNames" and your JSON will look like

{
   "accountEnabled":true,
   "displayName":"John Doe",
   "userPrincipalName":"john@doe.fr",
   "creationType":"LocalAccount",
   "passwordProfile":{
      "forceChangePasswordNextSignIn":true,
      "password":"P@!ssWor?D"
   },
   "identities":[
      {
         "signInType":"emailAddress",
         "issuer":"<your tenant domain name>",
         "issuerAssignedId":"john@doe.fr"
      }
   ]
}
Ievgen Mazur
  • 1
  • 2