9

I have an Azure AD B2C tenant running on Azure and I want to create users with invitations in B2C. I tried creating a Guest user, but that user is unable to log in because that user is created as a B2B user.

I also tried adding a user manually, but I am not able to add my own domain, e.g. user@xxxx.onmicrosoft.com, but I want to create user@gmail.com.

I googled it a lot and I found that I have to add a custom domain for that. When I tried to do so, I found that I have to register my domain in DNS registrar, which is not run long in future.

I also followed the related question on Stack Overflow, that is:

How do you add a user with a local name in Azure Active Directory B2C?

So what I want is: I add a user by an invitation and that user should be able to log in.

Can you help me to get rid of this problem?

I have been breaking my head over this for the last 4 days.

Thanks a lot.

Tejinder Singh
  • Is this an Azure AD B2C user that will sign in to use your B2C apps? Or a guest user that will sign in to administer your B2C tenant? – Chris Padgett Jun 27 '18 at 01:44
  • @ChrisPadgett, Yes, this is the Azure AD B2C user who will log in to my B2C app, but I want this to be done by sending the invitation to the user, and then he/she will create credentials for this, like we do in guest user invitation. We can't log in with guest. Is there any way we can make a guest user a member user? – Tejinder Singh Jun 27 '18 at 08:57
  • Hi @Tejinder: See my below answer. – Chris Padgett Jun 27 '18 at 10:03
  • @ChrisPadgett, thanks for the answer, can we create the local account using custom policies ? – Tejinder Singh Jun 27 '18 at 10:24
  • Hi @Tejinder: Users can create themselves using a custom policy but you can't create them using one. You must use the Azure AD Graph API to do this. – Chris Padgett Jun 27 '18 at 10:27
  • @ChrisPadgett, you have mentioned easiest solution as well as hardest, I just want to know which one is best to create member users by sending invitations ? – Tejinder Singh Jun 27 '18 at 10:34
  • You can't create accounts by sending invitations. You must create an account and then send an email inviting the new user to reset their password. – Chris Padgett Jun 27 '18 at 10:40
  • @ChrisPadgett, by which solution I can achieve the above ? – Tejinder Singh Jun 27 '18 at 10:43
  • Hi @Tejinder: Both solutions implement this. The first one is easier to implement using basic policies but it might be inconvenient for the new user who will have to click "Forgot your password?" on your sign-in page, enter a verification code that is sent to their email address, and then enter a new password before they are authenticated. The second one is harder to implement using custom policies but it skips the verification step. – Chris Padgett Jun 27 '18 at 21:55
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/173940/discussion-between-tejinder-singh-and-chris-padgett). – Tejinder Singh Jun 28 '18 at 05:55

2 Answers

19

The easier solution is to create a local account in the Azure AD B2C directory through the Azure AD Graph API and then send an email message to the new user with instructions to "forget their password" which you have randomized.

The harder solution is to implement the invitation flow using a custom policy.

This invitation flow is described here and implemented here.

The invitation flow invites a new user by pre-registering a local account in the Azure AD B2C directory through the Azure AD Graph API and then sending a signed redemption link to the email address for this local account.

This redemption link directs the new user to the password reset policy.

Chris Padgett
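The first option in the answer above (pre-register a local account with a randomized password, then email the user to reset it) can be sketched as follows. This is an added example, not code from the answer or from Microsoft's sample: it only builds the Azure AD Graph request body and does not send it, the tenant name is a placeholder, and token acquisition and the email step are out of scope.

```python
import json
import secrets
import string

# Placeholder tenant (assumption); Azure AD Graph users endpoint, api-version 1.6.
TENANT = "contoso.onmicrosoft.com"
USERS_URL = f"https://graph.windows.net/{TENANT}/users?api-version=1.6"

CHAR_CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
                string.digits, "@#$%^&*-_!+=")

def random_password(length=16):
    """Throwaway password from the OS CSPRNG, one char from every class."""
    if length < len(CHAR_CLASSES):
        raise ValueError("length too short to cover every character class")
    chars = [secrets.choice(cls) for cls in CHAR_CLASSES]
    pool = "".join(CHAR_CLASSES)
    chars += [secrets.choice(pool) for _ in range(length - len(chars))]
    secrets.SystemRandom().shuffle(chars)  # do not leave class order predictable
    return "".join(chars)

def local_account_body(email, display_name):
    """Request body for POST USERS_URL that pre-registers a B2C local account."""
    email = email.strip().lower()  # normalising case is this example's choice
    local, sep, domain = email.partition("@")
    if not (local and sep and "." in domain) or any(c.isspace() for c in email):
        raise ValueError(f"not a usable sign-in email: {email!r}")
    return {
        "accountEnabled": True,
        "creationType": "LocalAccount",  # local account, not a B2B guest
        "displayName": display_name,
        "signInNames": [{"type": "emailAddress", "value": email}],
        "passwordProfile": {
            "password": random_password(),  # never stored, logged or emailed
            "forceChangePasswordNextLogin": False,
        },
        "passwordPolicies": "DisablePasswordExpiration",
    }

def redacted(body):
    """Deep copy of the body that is safe to log (password removed)."""
    safe = json.loads(json.dumps(body))
    safe["passwordProfile"]["password"] = "<redacted>"
    return safe

if __name__ == "__main__":
    body = local_account_body("New.User@gmail.com", "New User")  # constructed input
    print("POST", USERS_URL)
    print(json.dumps(redacted(body), indent=2))
```

Because the password is discarded right after the request, the only way into the account is the password reset flow, which proves control of the mailbox.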
0

You can only add B2C users to an Azure Active Directory B2C tenant, which is different from a normal Azure Active Directory tenant. You need to specify a tenant to be a B2C tenant at creation, and this cannot be changed later.

More information on creating a B2C tenant can be found in Tutorial: Create an Azure Active Directory B2C tenant.

rickvdbosch