I'm using the Graph API to add new B2C users, since I'm using a custom CX experience based on SignUpSignIn. Signing up is disabled in the B2C tenant as it must be initiated from our in-house app.

I can add users successfully but all users are added to the main tenant's AAD. Admittedly, when I use PowerShell to search for these users, they don't show up. But they do in the Portal and I'd like to avoid that - constraining it to actual employees rather than hundreds or thousands of B2C users. Is there a way to add them ONLY to the B2C directory - which has its own tenant ID? Do I need to create another AAD directory and link this tenant to it?

Architect Jamie

1 Answer

AAD B2C is for consumer accounts only, and AAD is for internal organizations. As the users are seen in the portal, they cannot be used by Azure AD B2C, as users created through the portal are for Azure AD (enterprise scenario). Azure AD B2C uses the 'signin names' property of the user to sign in.

Azure AD B2C has a sample, "Create consumer user accounts", for creating user accounts using AAD Graph, which can be used for creating users in cases where only sign-in is supported.

If the above is not a working example, you may try creating a new tenant for AAD and connecting it to AAD B2C, for only the users required and not for all.

References:

  1. azure active directory - AADB2C99002 error. B2C Sign In policy without Sign Up policy? - Stack Overflow
  2. Add second Global Admin to Azure AD B2C? - Stack Overflow
kavyaS
  • Thanks for the reply. I am indeed using Graph to create users which still are visible in main AAD. But yes I appreciate creating a new tenant with its own AAD would solve the issue. In any case, it's kind of cosmetic so the business can decide whether this is tolerable. – Architect Jamie Feb 16 '22 at 13:14