B2C Extension Attribute not returned in User profile

AV 81 Reputation points
2022-04-12T20:39:25.787+00:00

Hi,

I have a Custom attribute in B2C that I am using the Sign up Custom policy to add to the User's profile during Sign up. However, after signup, when I query the User profile through Graph API, this extension attribute is not in the returned result. The result JSON has "extensions": null.

I have followed the following steps;
Are these steps the correct ones to save a new custom claim into the B2C user's profile?

  1. Created the Custom attribute from the "Manage --> User attributes" on the B2C portal.
  2. Created a boolean type claim in the TrustFrameworkBase policy (with Id="extension_{customattributename}")
  3. Modified the TrustFrameworkBase policy "AAD-Common" Technical Profile to set the ApplicationID and Client ID for the b2c-extensions-app
  4. Added the new claimtype in the Technical Profile "AAD-UserWriteUsingLogonEmail", "AAD-UserWriteProfileUsingObjectId" as a Persisted Claim with default value = false. Added the claim to Output claims in these technical profiles as well.
  5. Added the new claim to the Sign up's Relying Party Output Claims - I can see this new claim in the JWT being issued after Sign up
  6. Added the new claim to OutputClaims in the TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email" - I can see this new claim in the JWT issued upon successful login.

But when I query the user with objectid through Graph API, I do not see this extension attribute in the JSON that is returned. What am I missing?

Also, if I need to modify the value of the new claim from the default value false to true, in one of the orchestration steps in the Signup User journey, what should I do?

My Sign up User journey has the following steps: 1) Signup (Technical Profile Id = LocalAccountSignUpWithLogonEmail) 2) Email Verification (split from Sign up screen) 3) AAD-UserReadUsingObjectId 4) SendClaims

Appreciate any help with this. Thanks!!

Microsoft Entra External ID

1 answer

  1. AV 81 Reputation points
    2022-04-14T14:03:59.28+00:00

    Hi @CarlZhao-MSFT ,

    Confirming that I was able to select the extension attribute from the user's profile when I altered the graph api select to the following.

    ```csharp
    var result = await graphClient.Users[userId]
        .Request()
        /* original
        .Select(e => new
        {
            e.DisplayName,
            e.Id,
            e.Identities
        })*/
        // modified
        .Select($"id,givenName,surName,displayName,identities,{customAttributeName}")
        .GetAsync();
    ```

    Thanks.

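The answer's `Select` string only returns the attribute when `{customAttributeName}` holds the full directory name, which Azure AD B2C forms as `extension_<b2c-extensions-app client ID without hyphens>_<attribute name>`. The following is an added example, not code from the thread: it builds that name and reads the value back with the same Graph SDK call style the answer uses. The class and method names are hypothetical, and the client ID and attribute name are supplied by the caller.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.Graph;

// Hypothetical helper, added for illustration.
public static class B2cExtensionAttributes
{
    // Full directory name of a B2C custom attribute.
    // extensionsAppClientId: Application (client) ID of the b2c-extensions-app.
    // attributeName: the name given under "User attributes", without any prefix.
    public static string FullName(string extensionsAppClientId, string attributeName)
    {
        if (!Guid.TryParse(extensionsAppClientId, out Guid appId))
            throw new ArgumentException("Expected a GUID.", nameof(extensionsAppClientId));
        if (string.IsNullOrWhiteSpace(attributeName))
            throw new ArgumentException("Attribute name is required.", nameof(attributeName));

        // "N" formats the GUID as 32 hex digits with no hyphens.
        return $"extension_{appId:N}_{attributeName}";
    }

    // Returns the stored boolean, or null when the attribute was never
    // written for this user (Graph omits unset extension properties).
    public static async Task<bool?> ReadBoolAsync(
        GraphServiceClient graphClient,
        string userId,
        string extensionsAppClientId,
        string attributeName)
    {
        string fullName = FullName(extensionsAppClientId, attributeName);

        // Extension properties are not in the default property set,
        // so they must be requested by name.
        User user = await graphClient.Users[userId]
            .Request()
            .Select($"id,displayName,identities,{fullName}")
            .GetAsync();

        // Properties without a typed member on User land in AdditionalData.
        if (user.AdditionalData != null
            && user.AdditionalData.TryGetValue(fullName, out object raw)
            && raw != null
            && bool.TryParse(raw.ToString(), out bool value))
        {
            return value;
        }
        return null;
    }
}
```

A `null` result after a successful sign-up means the write step did not persist the claim, which separates a policy problem from a query problem.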