bulk migration of users from MS SQL database to azure B2C


HI all,

I am migrating one of my application from on premise to azure cloud, on-premise application uses sql database for forms authentication and user details and password store in ms sql database.

these all are external users and i want to migrate all these external users to azure B2c.
is there any tool in azure portal to migrate users or what is best way to this bulk migration.
on stackoverflow some information available but i am not able to find end to end solution
do i need to use graph API is the only way to achieve this?


Azure Active Directory External Identities
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 22,201 Reputation points Microsoft Employee

    Hi @azure architect with .net expereince ,

    I understand that you would like to bulk migrate users from a SQL database to Azure AD B2C.

    > Is there any tool in Azure portal to migrate users or what is best way to this bulk migration?

    There isn't an existing tool for this in the portal, but we have a guide for Azure AD B2C migration, as well the related Github repository that contains samples of how to migrate the accounts with a Graph API call. In these examples the users are stored in an Azure Table, and the system validates the user credentials by calling an identity provider web service. The documentation includes several approaches and samples and it's up to the individual user which one to choose depending on the environment needs.

    > Do I need to use Graph API as the only way to achieve this?

    You can use Powershell to create local accounts, but for social identities you do need to use Graph API as stated in the documentation.

    To migrate all of the accounts, you can follow these steps from the JIT migration guide:

    1. Move your user data to an Azure Table. (You can migrate users from SQL to Azure Table storage using Azure Data Factory.)
    2. Open the AADB2C.JITUserMigration.sln and open the appsettings.json. Replace the app settings with your own values: "AppSettings": { "BlobStorageConnectionString": "<Your connection string to Azure Table that stores your identities to be migrated>" }
    3. Deploy the B2C web app to Azure App Services and set the application settings.
    4. Open the policies files, change the tenant name, client_id and IdTokenAudience for Local Account sign-in, and upload the policies to Azure portal.

    To migrate local accounts, you can use the Powershell script documented here by Amanpreet to create local accounts in bulk in the B2C tenant:

         $users = import-csv C:\temp\Admin.csv
         $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
         $PasswordProfile.Password = &#34;P@$$w0rd&#34;
         foreach ($usr in $users)
         New-AzureADUser -DisplayName $usr.name -PasswordProfile $PasswordProfile -UserPrincipalName $usr.upn -AccountEnabled $true -MailNickName $usr.email

    Let me know if these resources help. If you would like to request this ability to be added to the Azure portal itself, you can create a feature request here: https://feedback.azure.com/

    Additional reading: Bulk load users into Azure B2C Cant Bulk Create Azure ad b2c users