AzureADB2Cにおけるユーザーアカウント削除のベストプラクティスについての質問

Question

Dear Microsoft

Thank you for your assistance.

We are looking to implement the ability to delete user accounts using AzureADB2C.

We would appreciate it if you could provide us with best practices on the following

1. How to realize the function of deleting user accounts in AzureADB2C

　Are there any general best practices for deleting user accounts?

➁Client is for implementation in mobile apps (Android, iOS)

　We would like to realize the client on mobile apps (Android, iOS), preferably on native UI instead of web.

　Is there an optimal method for mobile apps?

③About account deletion using GraphAPI

　We do not want to execute account deletion using GraphAPI directly from the client because it requires the executing user to have administrator privileges.

https://learn.microsoft.com/en-us/graph/api/user-delete?view=graph-rest-1.0&tabs=http

　　Delete a user

　Is there another approach to delete a user account instead of executing directly from the client?

Thank you for your time and I would appreciate your response.

Thank you in advance for your time.

Answer 1

Hi @Ryu, Toutou (SEC)

You can also delete user accounts from the server by using application permissions. However, whether you use the client or the server to delete users, you must grant administrator permissions to the call principal, because delete users is a sensitive operation, and only administrators have permission to perform this operation.

Hope this helps.

If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.