Update the Custom User attribute claims on signup flow

Alagendran Natarajan 1 Reputation point
2022-11-01T06:55:17.707+00:00

Hello,

We have a Single Sign on requirement as below

  1. On Signup user flow, the user should get registered in Azure and at the same time we have a custom application where we create a customer with a dummy password
  2. In the same sign up flow or via separate API I need to pass on some data (customerId) from the custom application back to Azure as User attribute in the claims.

Could you please guide on how to achieve this in clear step by step process. I have gone through the documentation but unable to work this out as a complete flow

Thanks in advance.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,635 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,436 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akshay-MSFT 16,026 Reputation points Microsoft Employee
    2022-11-02T16:59:41.827+00:00

    Hello @Alagendran Natarajan

    Thanks for posting your query on Microsoft Q&A. In order to return custom attributes from API to IDP you could try Enrich tokens with claims from external sources using API connectors

    256502-image.png

    Custom attributes exist in the extension_<extensions-app-id>_CustomAttribute format in the directory. Your API should expect to receive claims in this same serialized format. For more information on custom attributes, see Define custom attributes in Azure AD B2C.

    • When the web API receives an HTTP request from Azure AD during a user flow, it can return a "continuation response."A continuation response indicates that the user flow should continue to the next step: issuing the token.

    In a continuation response, the API can return additional claims. A claim returned by the API that you wish to return in the token must be a built-in claim or defined as a custom attribute and must be selected in the Application claims configuration of the user flow.

    Example request sent to the API at this step

    256433-image.png

    Example of a continuation response

    256522-image.png

    Please do let me know if you have any further queries in the comments section.

    Thanks,
    Akshay Kaushik

    Please "Accept the answer" and "Upvote" if the suggestion works as per your business need. This will help us and others in the community as well.

    0 comments