Azure Directory : UserPrincipalName is different

Sing Son 1 Reputation point
2021-01-21T18:29:23.483+00:00

Hi

I am creating a user on Azure AD using an identity as shown below:

    "identities": [
      {
        "signInType": "emailAddress",
        "issuer": "xyz.onmicrosoft.com",
        "issuerAssignedId": "aar.sha@test.com"
      }
    ]

In the success response from the create user Graph API, I got the userPrincipalName as "userPrincipalName": "8979-953d-21ad-8262-uyhiuj-567@xyz.onmicrosoft.com"

After that I logged into the Azure portal and checked the user profile. I see the userPrincipalName as aar.sha@test.com.

Why is the userPrincipalName different?

Also, I am not able to update the user using his email ID (aar.sha@test.com, which is shown as userPrincipalName) in the portal. I got the error that the resource does not exist. But when I used the autogenerated UPN value which we got in the success response, I am able to update the password.
How can we make the UPN value the same as his personal email ID? Do we need to provide any setting in the Azure portal?
Kindly help me.


1 answer

  1. AmanpreetSingh-MSFT 56,506 Reputation points
    2021-01-22T10:55:10.203+00:00

    Hi @Sing Son · Welcome to Q&A platform and thank you for your query.

    This is expected. This method is used to create a social/local account in an Azure AD B2C directory, which is similar to a user signed up (consumer identity) via the sign-up/sign-in user flow. In that case, the UPN gets generated automatically.

    To sign in via email address and password, you need to use a User Flow or Custom Policy in B2C. You will not be able to sign in to the Azure/Office365 portal using the email address and password of consumer identities, as these identities are not supposed to be used for administration purposes.

    If you want to create a user for administration purposes and want to specify the UPN during creation of the user account, you need to use the method below to create a member user account:

    POST https://graph.microsoft.com/v1.0/users  
    Content-type: application/json  
      
    {  
      "accountEnabled": true,  
      "displayName": "Adele Vance",  
      "mailNickname": "AdeleV",  
      "userPrincipalName": "AdeleV@contoso.onmicrosoft.com",  
      "passwordProfile" : {  
        "forceChangePasswordNextSignIn": true,  
        "password": "xWwvJ]6NMw+bWH-d"  
      }  
    }  
    

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
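
An added example, not part of the thread above: since the sign-in email of a B2C local account lives in `identities` and not in the generated UPN, an update should resolve the user by a `$filter` on `identities` and then address it by object id. It goes beyond the answer by using the Graph `identities/any(...)` filter and assumes that filter needs both `issuer` and `issuerAssignedId`; the function names, the GUID and the sample response are constructed, and the tenant and email are the placeholders from the question.

```python
# Added example: find a B2C local account by sign-in e-mail, update by id.
import json
from urllib.parse import quote

GRAPH = "https://graph.microsoft.com/v1.0"


def odata_literal(value: str) -> str:
    """Quote a string for an OData $filter; an embedded ' is doubled so
    caller-supplied input cannot close the literal and alter the filter."""
    return "'" + value.replace("'", "''") + "'"


def lookup_url(issuer: str, sign_in_email: str) -> str:
    """GET URL that finds the user whose identities hold issuer + e-mail."""
    flt = (
        "identities/any(c:c/issuerAssignedId eq "
        f"{odata_literal(sign_in_email)} and c/issuer eq {odata_literal(issuer)})"
    )
    select = "id,userPrincipalName,identities"
    return f"{GRAPH}/users?$select={select}&$filter={quote(flt, safe='')}"


def update_url(lookup_response: dict) -> str:
    """PATCH target built from the lookup result, keyed by object id."""
    users = lookup_response.get("value", [])
    if len(users) != 1:
        raise LookupError(f"expected exactly one user, got {len(users)}")
    return f"{GRAPH}/users/{quote(users[0]['id'], safe='')}"


# Constructed response, shaped like a Graph users collection.
SAMPLE = json.loads("""
{"value": [{
  "id": "00000000-0000-0000-0000-000000000001",
  "userPrincipalName": "00000000-0000-0000-0000-000000000001@xyz.onmicrosoft.com",
  "identities": [
    {"signInType": "emailAddress", "issuer": "xyz.onmicrosoft.com",
     "issuerAssignedId": "aar.sha@test.com"},
    {"signInType": "userPrincipalName", "issuer": "xyz.onmicrosoft.com",
     "issuerAssignedId": "00000000-0000-0000-0000-000000000001@xyz.onmicrosoft.com"}
  ]}]}
""")

if __name__ == "__main__":
    print(lookup_url("xyz.onmicrosoft.com", "aar.sha@test.com"))
    print(update_url(SAMPLE))
```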