Cannot create non-existing user with error that this user already exists

Mateusz Domański 60 Reputation points
2024-05-27T10:39:41.5266667+00:00

We have an application that allows external users to create an account in our system, which is an Azure B2C tenant.

One of the users already has an account, but with a domain1 e-mail address.

This partner recently changed their domain name to domain2, and the user tried to register again using the new e-mail address, but he is getting an error that the account already exists. I have checked our tenant and there is no account matching his new e-mail address.

When a new user is created, the UPN is randomly generated as a sequence of digits and numbers.

I have checked the Azure logs and found a failure of the new user creation after his registration process, with this error:

"Microsoft.Online.DirectoryServices.DirectoryUniquenessException"

In the log details I have checked that the e-mail address is in domain2 and that the UPN that was about to be created is different from his first account or any other account in our directory. We do not have a user with the same e-mail address or UPN as the one that was about to be created, yet we are getting the error shown above.

What can cause the issue?

Microsoft Security Microsoft Entra Microsoft Entra ID

1 answer

  1. James Hamil 27,211 Reputation points Microsoft Employee Moderator
    2024-05-28T21:44:02.2566667+00:00

    Hi @Mateusz Domański, it seems that the issue is related to the uniqueness of the user's identity in Azure AD. Even though you do not have a user with the same email address or UPN that was about to be created, it is possible that there is a conflict with an existing user's immutable ID.

    The immutable ID is a unique identifier for each user in Azure AD that is used to map the user between Azure AD and the application. It is possible that the user's immutable ID is still associated with their old account in your Azure AD, even though the account has been deleted or deactivated. This can happen if the user's old account was not properly removed from your Azure AD.

    To resolve this issue, you can try the following steps:

    1. Check if the user's old account is still present in your Azure AD. If it is, delete or deactivate the account.
    2. Check if the user's immutable ID is still associated with their old account. If it is, remove the immutable ID from the old account.
    3. Ask the user to try registering again with their new email address.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James
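As an added example (not part of the question or the answer above), the check below complements step 1 of the answer: it compares the attributes a tenant keeps unique (UPN, SMTP addresses in mail/proxyAddresses, and B2C sign-in identities as issuer plus issuerAssignedId) between the failed sign-up and every object pulled from Microsoft Graph, including soft-deleted users, which Entra retains for 30 days and which a normal user search does not show. The tenant name, object ids and e-mail addresses are constructed placeholders, and the soft-deleted object is one possible culprit used for illustration, not a diagnosis of the reported tenant.

```python
from urllib.parse import quote

# Attributes this example treats as tenant-wide unique (assumption, not from the post):
# UPN, SMTP addresses (mail/proxyAddresses) and B2C sign-in identities.
def identity_keys(user: dict) -> set:
    keys = set()
    if user.get("userPrincipalName"):
        keys.add(("upn", user["userPrincipalName"].lower()))
    if user.get("mail"):
        keys.add(("smtp", user["mail"].lower()))
    for addr in user.get("proxyAddresses", []):
        keys.add(("smtp", addr.split(":", 1)[-1].lower()))   # "SMTP:alice@x" -> "alice@x"
    for ident in user.get("identities", []):
        kind = f"{ident['signInType']}@{ident['issuer']}".lower()
        keys.add((kind, ident["issuerAssignedId"].lower()))
    return keys

def find_conflicts(candidate: dict, existing: list) -> list:
    """Return (object id, key kind, key value) for every directory object the candidate collides with."""
    wanted = identity_keys(candidate)
    return [(u["id"], kind, value)
            for u in existing
            for kind, value in sorted(identity_keys(u) & wanted)]

def graph_lookup_urls(email: str, issuer: str) -> list:
    """Graph requests to run: live users filtered by sign-in email, plus the whole soft-deleted
    user list (filter that one client-side with find_conflicts)."""
    flt = quote(f"identities/any(c:c/issuerAssignedId eq '{email}' and c/issuer eq '{issuer}')")
    return [f"https://graph.microsoft.com/v1.0/users?$filter={flt}",
            "https://graph.microsoft.com/v1.0/directory/deletedItems/microsoft.graph.user"]

# Constructed sample: old domain1 account, failed domain2 sign-up, and a soft-deleted object.
ISSUER = "contoso.onmicrosoft.com"   # placeholder B2C tenant name
NEW_SIGNUP = {"id": "new", "userPrincipalName": f"a1b2c3@{ISSUER}", "mail": "alice@domain2.example",
              "identities": [{"signInType": "emailAddress", "issuer": ISSUER, "issuerAssignedId": "alice@domain2.example"}]}
LIVE_USERS = [{"id": "old-1", "userPrincipalName": f"9f8e7d@{ISSUER}", "mail": "alice@domain1.example",
               "identities": [{"signInType": "emailAddress", "issuer": ISSUER, "issuerAssignedId": "alice@domain1.example"}]}]
DELETED_USERS = [{"id": "del-1", "userPrincipalName": f"5c4b3a@{ISSUER}", "proxyAddresses": ["SMTP:Alice@Domain2.example"],
                  "identities": [{"signInType": "emailAddress", "issuer": ISSUER, "issuerAssignedId": "Alice@domain2.example"}]}]

if __name__ == "__main__":
    print(find_conflicts(NEW_SIGNUP, LIVE_USERS))                   # [] : nothing visible among live users
    print(find_conflicts(NEW_SIGNUP, LIVE_USERS + DELETED_USERS))   # the soft-deleted object still owns the keys
    print(graph_lookup_urls("alice@domain2.example", ISSUER))
```

The comparison is case-insensitive on purpose: the directory enforces uniqueness that way, so a differently cased address in an old or soft-deleted object still blocks the new sign-up.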

