Share via

Subscription to Azure AD B2C user change

Gennadii Khotovytskyi 20 Reputation points
Jun 30, 2023, 10:56 AM

Hello, I am currently working on setting up a subscription to Azure AD B2C user changes via the Microsoft Graph API. Despite following the provided documentation closely, I'm encountering an issue that I'm unable to resolve on my own.
Here's a summary of what I've done so far:

  1. Application Setup: I've registered an application in Azure AD with the necessary permissions (User.Read.All) for the subscription.
  2. Notification Endpoint Setup: I've set up a function that should receive notifications from Microsoft Graph. This function appears to be working as expected - it correctly responds with the validationToken during the initial validation request from Microsoft Graph.
  3. Subscription Request: I've attempted to create a subscription to user changes (both "created" and "updated" events) with the following request:

Endpoint: https://graph.microsoft.com/v1.0/subscriptions

Body:

{ 
	"changeType": "created,updated", 
	"notificationUrl": "my-api-endpoint", 
	"resource": "/users", 
	"expirationDateTime":"2023-07-02T10:00:00.0Z", 
	"clientState": "changeset", 
	"latestSupportedTlsVersion": "v1_2" 
}

However, I received an ambiguous error message in response:

{ 
  "error": { 
    "code": "ExtensionError", 
    "message": "Operation: Create; Exception: [Status Code: InternalServerError; Reason: An error has occurred.]",
    "innerError": { "date": "2023-06-30T10:29:38", "request-id": "uuid", "client-request-id": "uuid" } 
  } 
} 

I'm unsure of what this error message means and how to proceed. Could you provide some guidance on what might be going wrong? I've found the available information on this topic to be somewhat scarce, so any assistance you could provide would be greatly appreciated.
Additionally, I'm interested in understanding more about the general status and support for Microsoft Graph subscriptions. Is this feature still actively supported and maintained?
Thank you for your help.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,416 questions
0 comments No comments
{count} votes

Accepted answer
  1. Akshay-MSFT 17,916 Reputation points Microsoft Employee
    Jul 4, 2023, 8:23 AM

    @Gennadii Khotovytskyi

    Thank you for posting your query. From the above description I could understand that you are looking to create a B2C user change notification subscription.

    Please do correct me if this is not the case by responding in the comments section.

    • I was able to test this as well and got error

    I did registered my application in B2C tenant itself and got the above error, though checking in the sign in logs show my app access was successful.

    User's image

    documentation I came to know that Users change notification is not supported for personal accounts and B2C tenants.

    User's image

    • Based upon the research I would say that this is expected behavior. Request you to use this only for AAD corp user accounts.
    • However if this is impacting you business needs then I would suggest to raise this as a feature request on our feedback portal.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.