Graph API - Create Azure AD B2C Consumer User with external email through email invitation

Ramu Balachandran 0 Reputation points
2023-06-06T12:02:44.0633333+00:00

Trying to create a consumer user with their personal email ID in Azure AD B2C, using the Graph API. Along with this, I also need to trigger the email with a one-time passcode, so the user can self-sign up. But I am not able to find an option within the Graph API; it only allows me to create a consumer user with the password.

Kindly let us know the best way to achieve this by code.


1 answer

  1. osjaetor 480 Reputation points
    2023-06-06T19:42:10.5866667+00:00

    Hi Ramu Balachandran,

    Here I suggest some code that I use in my developments:

    using Microsoft.Graph;
    using Microsoft.Identity.Client;
    using System;
    using System.Threading.Tasks;
    
    public class B2CUserSample
    {
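        // Placeholders for the app registration. Load the real values from
        // configuration or a secret store; never commit a client secret to source.
        private static string clientId = "Client_ID";
        private static string tenantId = "Tenant_ID";
        private static string clientSecret = "Client_Secret";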
    
        public static async Task Main(string[] args)
        {
            IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
                .Create(clientId)
                .WithClientSecret(clientSecret)
                .WithAuthority($"https://login.microsoftonline.com/{tenantId}")
                .Build();
    
            string[] scopes = new string[] { "https://graph.microsoft.com/.default" };
            AuthenticationResult authenticationResult = await confidentialClientApplication.AcquireTokenForClient(scopes).ExecuteAsync();
    
            // DelegateAuthenticationProvider and .Request() belong to the Microsoft.Graph SDK v4 API surface.
            GraphServiceClient graphClient = new GraphServiceClient(new DelegateAuthenticationProvider((requestMessage) =>
            {
                requestMessage.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", authenticationResult.AccessToken);
                return Task.CompletedTask;
            }));
    
            string userEmailAddress = "******@youremail.com";
            string oneTimePasscodeEmailTemplateId = "Your_Email_Template_Id";
    
            Invitation invitation = new Invitation
            {
                InvitedUserEmailAddress = userEmailAddress,
                InvitedUserType = "Consumer",
                InviteRedirectUrl = "https://yourredirecturl.com",
                InvitedUserMessageInfo = new InvitedUserMessageInfo
                {
                    CustomizedMessageBody = $"Your Body Message: {{OTP}}",
                    AdditionalData = new System.Collections.Generic.Dictionary<string, object>
                    {
                        { "otpEmailTemplateId", oneTimePasscodeEmailTemplateId }
                    }
                }
            };
    
            try
            {
                await graphClient.Invitations.Request().AddAsync(invitation);
                Console.WriteLine("Invitation sent successfully.");
            }
            catch (Exception ex)
            {
                Console.WriteLine("Error sending invitation: " + ex.Message);
            }
        }
    }
    
    

    Regards,

