BUG UPN B2C PORTAL/GRAPH

Question

BUG UPN B2C PORTAL/GRAPH

Miguel Ángel Morales - TEST JG 16

I can create a B2C "customer" user with microsoft.Graph with an upn value of "test @Stuff .com" if I assign "test @Stuff .com" to the field IssuerAssignedId

But then in the azure portal I cannot edit the upn because it says that "gmail.com" is not verified.

The button "Save" appears as clickable for 2 seconds even thought it gives validation error, if you click it, a notification appears that says saved succesfully even thought it doesn't saves the changes

Also the Icon of the user becomes corrupted on the user list views, and does not fix even clicking the refresh button or navigating through the portal

Miguel Ángel Morales - TEST JG 16 Reputation points

2022-07-27T22:22:53.547+00:00

Ok.

So we were asked that users can login with whatever account they want.
xxx@Stuff .com
******@localdomain.com

Do I have to verify a domain like google.com with my B2C tenant so it works properly?

Thanks for correcting your answer and will be waiting for what the B2C team says.
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,546 Reputation points Moderator

2022-07-28T02:46:11.517+00:00

Hello @Miguel Ángel Morales - TEST JG , you don't need to verify gmail.com for B2C consumer accounts. They will all have a upn using one of the tenant domains as issuer. Can you please share the graph call you 're using to create your B2C users?
Miguel Ángel Morales - TEST JG 16 Reputation points

2022-07-28T06:53:17.767+00:00

hmm, okay.
I will share the code so you can tell me if its okay.

devirisjgb2c.onmicrosoft.com

CUSTOM=>

AZURECALL=>

We are going to update the architecture because we have too many microservices an its beign a challange to maintain them.
Also there are some requirements changes so its not 100% the final code,
But thats how it looks like now
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,546 Reputation points Moderator

2022-07-28T22:16:54.147+00:00

Hello @Miguel Ángel Morales - TEST JG , I see your CreateUserAsync builds the upn correctly. This is not required nor the mailNickName; you can remove it. Your update opeartion in the portal is done once the user is created right?
Miguel Ángel Morales - TEST JG 16 Reputation points

2022-07-29T07:21:26.98+00:00

Roger that, will try deleted creating the users deleting those field.

Yes, I made the update operation through the portal, but right now I dont need to update that field, so its not a problem.
Just opened the issue on the forum to let you know and to get more information just in case I was doing something bad
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,546 Reputation points Moderator

2022-07-29T18:55:22.533+00:00

Hello @Miguel Ángel Morales - TEST JG , ok got it. I'm reaching the Portal team to address this limitation/behavior. I'm reporting 3 issues here: identityIssuerId being reported as upn, portal incorrect validation errors and inconsistent behavior during save. I will come back to you ASAP and post a new answer on theirs. Thanks for your time and patience.
JamesTran-MSFT 37,251 Reputation points Microsoft Employee Moderator

2022-08-02T21:15:39.067+00:00

@Miguel Ángel Morales - TEST JG
Thank you for your post and I apologize for the delayed response on this!

Since you're working @Alfredo Revilla - Upwork Top Talent | IAM SWE SWA on this issue, I just wanted to check-in and see if you had any other questions while we wait for our Portal team to address this limitation/behavior?

If you have any other questions, please let us know.
Thank you for your time and patience throughout this issue.
Miguel Ángel Morales - TEST JG 16 Reputation points

2022-08-03T11:20:44.927+00:00

Hello @JamesTran-MSFT , thanks for getting in contact.

1-
Well, since the team is new using B2C im pretty sure a lot of questions will come out as we deploy the software to the clients.
One little think that I will like to customize is the login page, but I will like to use a different one by each application (AdminWeb,TenantWeb,FrontEnd)
Right now i've got a same the same dessign for the 3 apps.

I haven't seen an "easy" way to configure a different design by app. Do you know how could I do it?
I have readed in some docs that I could put the html file in my project, then I should change the default route of the login to the page I create?

2-
The login brand language thing doesn't seem to be working

Or I dont know how to use it?
Is there something specific I have to do?I always see it in english
Miguel Ángel Morales - TEST JG 16 Reputation points

2022-08-03T11:22:03.53+00:00

3-I have seen some weird behaviour 2 month ago regarning App Role Assignment to Users in Azure AD(not b2c).
Now im using b2c so I'm not doing the AppRole assignment thing.
But sometimes when I was assigning a role to an user, I would first select the user, then the role, try to assign it, but the user would be unselected automatically so the create process was weird, I had to select the role first and then the user to make it work nicely

4-Also in the past I have encountered some problems regarding the password of the Invited guest users to the domain, #ext# users
but it was 2 months ago and now I dont need to do that process bcs of b2c
(It was something about having to restablish all the time the password because, otherwise it said always password incorrect)
(When trying to access the multitenant applications that I had, the portal was fine)

(Maybe I was doing something wrong)

.
Miguel Ángel Morales - TEST JG 16 Reputation points

2022-09-21T11:20:42.16+00:00

@Alfredo Revilla - Upwork Top Talent | IAM SWE SWA

Any update on the issue?
Miguel Ángel Morales - TEST JG 16 Reputation points

2022-12-12T14:49:26.337+00:00

Any update?
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,546 Reputation points Moderator

2022-12-12T19:49:49.513+00:00

Hello @Miguel Ángel Morales - TEST JG , and apologies for the delay on this. I'm reaching the Azure Portal team again and will come back to you ASAP.