Azure Active Directory Graph API Access

Arunkumar Duraisamy 0 Reputation points
2023-06-19T09:22:55.9266667+00:00

Hi, I have an app registered as a single tenant. I have to implement SSO in an app, so there are new users coming into our app, for that, I'm using graph API to create a new user in AAD, the credentials used for creating a new user are Microsoft Personal Account Credentials, so I'm getting an error like below,

        "code": "Authorization_IdentityNotFound",       
	     "message": "The identity of the calling application could not be established.",

Should we only want to use Business account?

Microsoft Security Microsoft Entra Microsoft Entra ID
Microsoft Security Microsoft Graph
{count} votes

1 answer

Sort by: Most helpful
  1. CarlZhao-MSFT 46,366 Reputation points
    2023-06-20T02:27:40.32+00:00

    Hi @Arunkumar Duraisamy

    You cannot create a personal account in a tenant, you can only invite a personal account to the tenant as a guest.

    You can invite directly in the Azure portal or through the graph API.

    Through the Azure portal:

    User's image

    Through the graph API:

    POST https://graph.microsoft.com/v1.0/invitations
    Content-type: application/json
    
    {
      "invitedUserEmailAddress": "******@fabrikam.com",
      "inviteRedirectUrl": "https://myapp.contoso.com"
    }
    

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.