How to invite users programmatically on Azure AD B2C on my Single Page Application?

Clarence Koh 0 Reputation points
2023-04-28T15:17:06.4366667+00:00

I've seen a couple of questions being asked about this but the answers have not been helpful for me.

I have set up a working sign in flow using custom policies in Azure AD B2C for my Single Page Application (written in React JS). A user can only explore the different pages in my application (i.e. routes are protected by checking if the user has signed in already in Azure AD B2C).
Here's my current flow:

  1. When the user enters the link to my website, I immediately direct them to the sign in flow in Azure AD B2C (i.e. loginRedirect is called.)
  2. Upon successful login, user is redirected back to my application. There is a payload with the following keys that I can retrieve when the user is re-directed to my application. Here are the keys in the payload: authority, uniqueId, tenantId, scopes, idTokenClaims, account, etc. (I can include more keys if it helps to answer my query). This is retrieved via a callback called on the msalInstance
  3. Now from within my application, I would like to allow users to invite other users by providing their email address, so that they can use my application as well.

What I have tried to do is to retrieve an accessToken to call the Microsoft Graph API for inviting users (https://learn.microsoft.com/en-us/graph/api/invitation-post?view=graph-rest-1.0), (I allowed User.Invite.All in my registered app for my Single Page Application in the API Permissions tab.) But when I run acquireTokenSilent to try to request the accessToken to call the Microsoft Graph API, I get an <empty string> as my accessToken. So there's no way I can even attempt to call the Invitation API.

How then can I invite new users to use my application?

Microsoft Security Microsoft Graph

1 answer

  1. Antonio 250 Reputation points Microsoft External Staff
    2023-05-05T21:56:14.0566667+00:00

    Hi Clarence Koh,

    Thanks for posting on Q&A forum. As per documentation for Supported Azure Active Directory features in Azure AD B2C (See below).

    For external invites in B2C you can use user flows and custom policies to manage user

    Inviting External Identities guests: You can invite guest users and configure External Identities features such as federation and sign-in with Facebook and Google accounts. You can invite only a Microsoft account or an Azure AD user as a guest to your Azure AD tenant for accessing applications or managing tenants. For consumer accounts, you use Azure AD B2C user flows and custom policies to manage users and sign-up or sign-in with external identity providers, such as Google or Facebook.

    Please see this great example on GitHub of how to implement user invite flow in Azure B2C for a sample console app (.Net core) demonstrating how to send sign-up email invitation.

    SignUp with email invitation

    --please don't forget to upvote and Accept as answer if the reply is helpful--
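
One way a backend could issue the sign-up email invitation discussed in this thread, as an added example that is not part of the thread and not code from the linked GitHub sample: the server signs a short-lived token bound to the invitee's email address and puts it in the sign-up link, so the signing key never reaches the Single Page Application. The function names, the HS256 key, the three-day lifetime and the `https://app.example.com/signup` URL are assumptions, and passing the token as `id_token_hint` assumes the sign-up custom policy is configured to accept a signed token in that parameter.

```javascript
// Added example: runs server-side only. All names and values are assumptions.
const crypto = require("node:crypto");

const b64url = (input) => Buffer.from(input).toString("base64url");

// Sign "header.payload" with HMAC-SHA256 (JWT alg "HS256").
function sign(data, key) {
  return crypto.createHmac("sha256", key).update(data).digest("base64url");
}

// Issue an invitation token bound to one email address with a short lifetime.
function createInvitation(email, key, nowSec, ttlSec = 3 * 24 * 3600) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ email: email.toLowerCase(), iat: nowSec, exp: nowSec + ttlSec }));
  return `${header}.${payload}.${sign(`${header}.${payload}`, key)}`;
}

// Verify signature and expiry; returns the invited email, or null if invalid.
function verifyInvitation(token, key, nowSec) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  // Pin the algorithm instead of trusting whatever "alg" the token carries.
  let alg;
  try { alg = JSON.parse(Buffer.from(header, "base64url")).alg; } catch { return null; }
  if (alg !== "HS256") return null;
  const expected = Buffer.from(sign(`${header}.${payload}`, key));
  const given = Buffer.from(sig);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(payload, "base64url"));
  if (typeof claims.exp !== "number" || nowSec >= claims.exp) return null;
  return claims.email;
}

// Build the link that goes into the invitation email.
function invitationLink(baseUrl, token) {
  const url = new URL(baseUrl);
  url.searchParams.set("id_token_hint", token);
  return url.toString();
}

// Constructed sample values.
const KEY = crypto.randomBytes(32);
const NOW = 1700000000;
const token = createInvitation("Invitee@example.com", KEY, NOW);
console.log(invitationLink("https://app.example.com/signup", token));
console.log(verifyInvitation(token, KEY, NOW + 60));
```
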

