Hey @hampton123,
If you want to use a custom attribute in your B2C tenant user flow, you can set it up by:
- Create a Custom Attribute: Sign in to the Azure portal as the global administrator of your Azure AD B2C tenant. Navigate to Azure AD B2C. Select User attributes and then click Add. Provide a Name for the custom attribute (e.g., “ContainerAccess”). Choose a Data Type (String, Boolean, or Int). Optionally, enter a Description for informational purposes. Click Create to create the custom attribute.
- Use the Custom Attribute in Your User Flow: In your Azure AD B2C tenant, select User flows. Choose the relevant policy (e.g., “B2C_1_SignupSignin”) to open it. Under User attributes, select the custom attribute you created (e.g., “ContainerAccess”). Click Save. Next, under Application claims, select the same custom attribute. Click Save again.
- Assign Container Access Using Custom Attributes: When a user signs up or signs in, the custom attribute value (e.g., the container name) will be available in the token. Your Azure Function can then extract this value from the token and use it to determine which container the user has access to. No need to query the SQL database; the custom attribute provides the necessary information directly.
The majority of these steps are outlined in "Define custom attributes in Azure Active Directory B2C" on Microsoft Learn. As for assigning the custom attribute, you can use the Graph API. The second answer on https://stackoverflow.com/questions/77569205/adding-a-custom-claim-in-azure-b2c-using-user-flows is a good walkthrough of working with the custom attribute.
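As an added example (not part of the original reply and not Microsoft's code), this Node.js sketch shows the checks a function should make before trusting the container claim: signature, issuer, audience, expiry, and the container name's shape. It assumes the attribute arrives as `extension_ContainerAccess`; the issuer, audience, `containerFromToken`, `makeToken` and the local key pair are hypothetical stand-ins, and a real function would fetch the verification key from the policy's JWKS endpoint by `kid`.

```javascript
const crypto = require('crypto');

// Placeholders (assumptions): use your tenant's issuer and your API's application (client) ID.
const EXPECTED = {
  iss: 'https://contoso.b2clogin.com/00000000-0000-0000-0000-000000000000/v2.0/',
  aud: '11111111-1111-1111-1111-111111111111',
};
// Assumed claim name: the "ContainerAccess" attribute with the extension_ prefix.
const CLAIM = 'extension_ContainerAccess';
// Blob container naming rules: 3-63 chars, lowercase letters, digits, single hyphens inside.
const CONTAINER_RE = /^(?=.{3,63}$)[a-z0-9]+(?:-[a-z0-9]+)*$/;

const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Returns the container name only if the token verifies and every check passes.
function containerFromToken(token, publicKey, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  // Pin the algorithm; never let the token header choose it.
  if (decode(h).alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKey, Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const claims = decode(p); // read claims only after the signature check
  if (claims.iss !== EXPECTED.iss || claims.aud !== EXPECTED.aud) throw new Error('wrong issuer or audience');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  const name = claims[CLAIM];
  if (typeof name !== 'string' || !CONTAINER_RE.test(name)) throw new Error('missing or invalid container claim');
  return name;
}

// Constructed fixture: a local RSA key pair stands in for the B2C policy signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
function makeToken(claims, alg = 'RS256') {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  const body = `${enc({ alg, typ: 'JWT' })}.${enc(claims)}`;
  return `${body}.${crypto.sign('RSA-SHA256', Buffer.from(body), privateKey).toString('base64url')}`;
}

const demo = makeToken({ ...EXPECTED, exp: Math.floor(Date.now() / 1000) + 600, [CLAIM]: 'tenant-a-files' });
console.log(containerFromToken(demo, publicKey));
```

An attribute selected under User attributes in the flow is collected from the user on the sign-up page, so when the value drives authorization it should be set server-side (for example through the Graph API mentioned above) rather than entered by the user.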