Creating users from another Tenant in B2C.
Kevin Dule
Hello everyone,
I am writing to you about a problem we are facing in our B2C sign-in policy. We have defined two methods of login, one of which uses Microsoft Entra ID. We also have to create, in the B2C tenant, the users who need access to this app. I have prepared a PowerShell script using Microsoft Graph for creating users from Entra ID in the B2C tenant.
```powershell
# Connect to Microsoft Graph
Connect-MgGraph -Scopes "User.ReadWrite.All"

# Path to your CSV file
$csvPath = "C:\PathToCSVEntraIDUsersToB2C"

# Read users from CSV file
$userList = Import-Csv -Path $csvPath

# List to store created users and their passwords
$createdUsers = @()

# Function to generate a random 15-character password
function Generate-RandomPassword {
    $length = 15
    $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()"
    $password = -join ((1..$length) | ForEach-Object { $chars[(Get-Random -Maximum $chars.Length)] })
    return $password
}

# Loop through each user in the CSV file
foreach ($user in $userList) {
    $email = $user.Email

    # Generate a unique ObjectId for the user
    $guid = [guid]::NewGuid().ToString()

    # Generate a random 15-character password
    $randomPassword = Generate-RandomPassword

    # Define the new identities to be added for each user
    $identities = @(
        @{
            signInType       = "federated";
            issuer           = "https://login.microsoftonline.com/XXXXX-XXXXX-XXXXXX-XXXXX/v2.0";
            issuerAssignedId = $guid;
        }
    )

    # Define the user creation parameters
    $userParams = @{
        AccountEnabled    = $true
        DisplayName       = $email
        MailNickname      = $email.Split('@')[0]
        UserPrincipalName = "cpim_$guid@YYYYY.onmicrosoft.com" # Set UserPrincipalName with cpim_ prefix
        Identities        = $identities
        PasswordProfile   = @{
            ForceChangePasswordNextSignIn = $true
            Password                      = $randomPassword # Use generated password
        }
    }

    try {
        # Create the user
        New-MgUser @userParams
        Write-Host "Successfully created user: $email"

        # Store the created user and password
        $createdUsers += [PSCustomObject]@{
            Email    = $email
            Password = $randomPassword
        }
    } catch {
        Write-Host "Failed to create user: $email. Error: $_"
    }
}

# Print the list of created users and their passwords
Write-Host "Created Users and Their Passwords:"
$createdUsers | Format-Table -AutoSize
```
The script executes successfully and the users are created OK.
But it is still the same error:
error_description: AADB2C99002: User does not exist. Please sign up before you can sign in.
What do you suggest?
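The AADB2C99002 error is consistent with the script as posted: at sign-in, B2C looks the account up by the pair issuer + issuerAssignedId taken from the identity provider's token, and a GUID generated locally with `[guid]::NewGuid()` can never match the id the home tenant actually issues. The following is an added example, not code from the post or from Microsoft, that instead reads each user's object id from the source Entra ID tenant and stores that as issuerAssignedId; it assumes the B2C identity provider maps the user id to the `oid` claim (the default mapping in the documented Entra ID technical profile), that the CSV has an Email column holding the user's UPN in the source tenant, and uses placeholder tenant ids and paths.

```powershell
# Added example: provision B2C federated accounts keyed on the users' real Entra ID object ids.
# Placeholders to replace: the two tenant ids, the CSV path and the B2C domain.
$CsvPath      = "C:\PathTo\EntraIDUsersToB2C.csv"        # assumed CSV with an Email (UPN) column
$SourceTenant = "00000000-0000-0000-0000-000000000000"   # placeholder: home tenant of the users
$B2CTenant    = "11111111-1111-1111-1111-111111111111"   # placeholder: the B2C tenant
$B2CDomain    = "YYYYY.onmicrosoft.com"                  # placeholder, as in the post
$users = Import-Csv -Path $CsvPath

# Step 1: look up each user's object id in the home tenant. B2C matches a federated
# sign-in on issuer + issuerAssignedId, and for Entra ID the assigned id is the
# home-tenant object id (oid claim, assumed default mapping), never a local GUID.
Connect-MgGraph -TenantId $SourceTenant -Scopes "User.Read.All" -NoWelcome
$sourceIds = @{}
foreach ($u in $users) {
    $src = Get-MgUser -UserId $u.Email -Property Id -ErrorAction SilentlyContinue
    if ($src) { $sourceIds[$u.Email] = $src.Id }
    else      { Write-Warning "Not found in source tenant: $($u.Email)" }
}
Disconnect-MgGraph | Out-Null

# Step 2: create the matching federated accounts in the B2C tenant.
Connect-MgGraph -TenantId $B2CTenant -Scopes "User.ReadWrite.All" -NoWelcome
$issuer = "https://login.microsoftonline.com/$SourceTenant/v2.0"
$report = foreach ($u in $users) {
    $oid = $sourceIds[$u.Email]
    if (-not $oid) { continue }
    # Idempotent reruns: skip accounts whose federated identity is already present.
    $filter = "identities/any(i:i/issuer eq '$issuer' and i/issuerAssignedId eq '$oid')"
    if (Get-MgUser -Filter $filter) {
        [PSCustomObject]@{ Email = $u.Email; ObjectId = $oid; Status = "exists" }
        continue
    }
    $params = @{
        AccountEnabled    = $true
        DisplayName       = $u.Email
        MailNickname      = $u.Email.Split('@')[0]
        UserPrincipalName = "cpim_$([guid]::NewGuid())@$B2CDomain"
        # No PasswordProfile: a federated-only identity has no local password, so there is
        # nothing to generate, print or hand out (assumed: required only for local-account identities).
        Identities        = @(@{ signInType = "federated"; issuer = $issuer; issuerAssignedId = $oid })
    }
    try {
        $null = New-MgUser @params
        [PSCustomObject]@{ Email = $u.Email; ObjectId = $oid; Status = "created" }
    } catch {
        [PSCustomObject]@{ Email = $u.Email; ObjectId = $oid; Status = "failed: $_" }
    }
}
$report | Format-Table -AutoSize
```

After provisioning, a quick check is to sign one user in through the Entra ID option and confirm the `identities` entry returned by `Get-MgUser -UserId <b2c-object-id> -Property Identities` matches the issuer and id you wrote.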