Hi, I am working with Azure AD B2C. I used "API connectors" functionality to provide custom business logic.
One of the requirements is to bind the B2C user (by its unique ObjectId) with a "local" users database, i.e. store the B2C ObjectId inside the Users table of that database.
Documentation states that during "Before creating the user", the request coming from Azure to my API will contain ObjectID field. However – no matter what I choose in "Application claims" blade – this field is not available at that stage.
Those two links seem to confirm that it's not (or at least at that time it was not) possible:
https://github.com/MicrosoftDocs/azure-docs/issues/87086
Has anyone come across such a problem (which seems to be something necessary in case of any custom business logic bound to the AD B2C Identity Provider)?
How could I do it in another, easy/not complex way, other than just during user creation?
A worker that would be triggered by an event sent by this custom endpoint (used by the API connector), which would call the Graph API to fetch the ObjectId and then write it to the "local" database, seems to be too much for such a case…
3 Answers
Are you using built-in flows?
You can do this with custom policies, i.e. create the user at sign-up. That will return an objectID. Then call the API.
The API connector triggers before the user is created, so there is no objectId yet. ObjectId is generated after a user object is written to the directory. You can make an API call after the user is created with Custom Policies.
Don't know how late I am, but I faced the same issue. The best thing is to call the built-in write technical profile before your REST API call:
Note that one validation technical profile's claims are passed on to the next validation technical profile. Also don't declare any output claim like "ObjectId" in the parent technical profile where you have the validations.
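As an added illustration (not taken from any of the answers above), the custom-policy fragment the last two answers describe: the starter-pack directory write `AAD-UserWriteUsingLogonEmail` runs first as a validation technical profile, so the `objectId` it populates is available as an input claim to the REST technical profile that runs next. The technical profile id `REST-WriteObjectIdToLocalDb`, the `ServiceUrl` and the two policy-key container names are assumptions chosen for this example; the REST call is authenticated (Basic auth over HTTPS, keys held in B2C policy keys rather than in the policy XML) and `AllowInsecureAuthInProduction` is left at `false` so the endpoint cannot silently be called unauthenticated.

```xml
<!-- Added example, not from the original thread. Place in TrustFrameworkExtensions.xml. -->
<ClaimsProviders>
  <ClaimsProvider>
    <DisplayName>REST APIs</DisplayName>
    <TechnicalProfiles>
      <!-- Hypothetical profile id; the REST endpoint receives objectId and email in the JSON body. -->
      <TechnicalProfile Id="REST-WriteObjectIdToLocalDb">
        <DisplayName>Store the B2C objectId in the local Users table</DisplayName>
        <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
        <Metadata>
          <!-- Assumed endpoint; must be HTTPS. -->
          <Item Key="ServiceUrl">https://api.example.invalid/users/bind</Item>
          <Item Key="SendClaimsIn">Body</Item>
          <!-- Basic auth with credentials stored as policy keys, never inline in the XML. -->
          <Item Key="AuthenticationType">Basic</Item>
          <Item Key="AllowInsecureAuthInProduction">false</Item>
        </Metadata>
        <CryptographicKeys>
          <!-- Assumed policy-key container names (create them under Identity Experience Framework > Policy keys). -->
          <Key Id="BasicAuthenticationUsername" StorageReferenceId="B2C_1A_LocalDbApiUsername" />
          <Key Id="BasicAuthenticationPassword" StorageReferenceId="B2C_1A_LocalDbApiPassword" />
        </CryptographicKeys>
        <InputClaims>
          <!-- objectId is populated by the preceding AAD-UserWriteUsingLogonEmail validation step. -->
          <InputClaim ClaimTypeReferenceId="objectId" />
          <InputClaim ClaimTypeReferenceId="email" />
        </InputClaims>
        <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
      </TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>

  <ClaimsProvider>
    <DisplayName>Local Account</DisplayName>
    <TechnicalProfiles>
      <!-- Override of the starter-pack sign-up profile: the order of the validation profiles is the point. -->
      <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
        <ValidationTechnicalProfiles>
          <!-- 1. Write the user to the directory; this is where objectId is generated. -->
          <ValidationTechnicalProfile ReferenceId="AAD-UserWriteUsingLogonEmail" />
          <!-- 2. Only now call the REST API; it receives the objectId from step 1. -->
          <ValidationTechnicalProfile ReferenceId="REST-WriteObjectIdToLocalDb" />
        </ValidationTechnicalProfiles>
      </TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>
</ClaimsProviders>
```

If the REST call fails after the directory write has succeeded, the user already exists in B2C but not in the local table, so the endpoint should be idempotent on `objectId` and the failure should be logged for reconciliation.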