ms-identity-dotnetcore-b2c-account-management | NET Core console application using Microsoft Graph | Azure library
kandi X-RAY | ms-identity-dotnetcore-b2c-account-management Summary
kandi X-RAY | ms-identity-dotnetcore-b2c-account-management Summary
page_type: sample languages: - csharp products: - azure-active-directory - azure-active-directory-b2c - dotnet - dotnet-core - ms-graph description: ".NET Core console application using Microsoft Graph for Azure AD B2C user account management." urlFragment: "manage-b2c-users-dotnet-core-ms-graph" ---.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of ms-identity-dotnetcore-b2c-account-management
ms-identity-dotnetcore-b2c-account-management Key Features
ms-identity-dotnetcore-b2c-account-management Examples and Code Snippets
Community Discussions
Trending Discussions on ms-identity-dotnetcore-b2c-account-management
QUESTION
I am writing an application that uses the "OAuth 2.0 client credentials grant flow" to get an access token for calling the Microsoft Graph API. The application authenticates as itself, not on behalf of a signed in user.
I based my code off of this example from Microsoft.
This is how I initialize the GraphServiceClient:
...ANSWER
Answered 2021-Dec-08 at 06:18According to your code snippet above, I think you are using the graph SDK and using the client credential flow as the authentication.
So we are no need to generate access token here but just using the graphClient
to call the graph api and gather the information you needed. And due to this mode, it won't appear the token expired
situation as each time you call an api you will new clientSecretCredential
before it.
And let's come back to the refresh
, azure ad provide refresh token for refreshing the access token when it expired as refresh token has much longer expire time than access token, when we try to get the refresh token, we need to append offline_access
to the scope when generate the access. But using client credential flow means your app requests a new token with it's own credentials, so it's no need to using refresh token to avoid making signed-in user sign in again. Using credential flow shouldn't return refresh token.
Then you may have some ideas that you insist on using refresh the expired token
process, then what you only can do is generate an access token first and save the token with its expired time in some place, and using the access token as the http request header and calling graph api. Then the code should like this, but I don't think you're willing to using this kind of code, you may also refer to this document for more details:
QUESTION
I have cloned the MS Identity DotNetCore B2C Account Management code sample and configured it for my B2C tenant. The get user and delete user commands all work. However when I try to use command [5] Update user password
I encounter this error:
...
ANSWER
Answered 2020-Jun-29 at 01:40To update the passwordProfile
of the user, the Directory.AccessAsUser.All
permission is needed.
See the doc:
And you should note the Directory.AccessAsUser.All
is the Delegated permission
, not Application permission
. It means the permission will not take effect in the client credential flow(the sample you provided uses it), so when you use the Microsoft Graph SDK, you could not use the Client credentials provider
, your option is to use the Authorization code provider
(recommended).
QUESTION
Users sign up/login via Azure AD B2C using Identity provider Local Account-Email.
I can see users signed up (with their password) for the tenant: When I run example "Manage User Accounts with Graph API" to check for local identity passwordProfiles they show null. My assumption is this property is automatically populated when a user creates the password same as other User resources.
Can someone give me some guidance what I'm missing?
...ANSWER
Answered 2020-Mar-19 at 10:23It is an expected result.
Azure AD B2C doesn't require the local identity users to change password next sign in. As the document says:
The property must set to
.forceChangePasswordNextSignIn false
.
Set forceChangePasswordNextSignIn
as true
is meaningless. In this case, passwordProfile
won't be visible through GET method of Microsoft Graph API.
You can quickly verify it in Microsoft Graph Explorer.
For example, if you create a user with "forceChangePasswordNextSignIn": true
in an Azure AD tenant, you will get passwordProfile
in the result.
If you create a user with "forceChangePasswordNextSignIn": true
in an Azure AD B2C tenant, you can get "passwordProfile"
in the result but the password is null.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install ms-identity-dotnetcore-b2c-account-management
Clone the repo or download and extract the [ZIP archive](https://github.com/Azure-Samples/ms-identity-dotnetcore-b2c-account-management/archive/master.zip)
Modify ./src/appsettings.json with values appropriate for your environment: Azure AD B2C tenant ID Registered application’s Application (client) ID Registered application’s Client secret
Build the application with dotnet build: ```console azureuser@machine:~/ms-identity-dotnetcore-b2c-account-management$ cd src azureuser@machine:~/ms-identity-dotnetcore-b2c-account-management/src$ dotnet build Microsoft (R) Build Engine version 16.4.0+e901037fe for .NET Core Copyright (C) Microsoft Corporation. All rights reserved. Restore completed in 431.62 ms for /home/azureuser/ms-identity-dotnetcore-b2c-account-management/src/b2c-ms-graph.csproj. b2c-ms-graph -> /home/azureuser/ms-identity-dotnetcore-b2c-account-management/src/bin/Debug/netcoreapp3.0/b2c-ms-graph.dll Build succeeded. 0 Warning(s) 0 Error(s) Time Elapsed 00:00:02.62 ``` 4. Add 2 custom attributes to your B2C instance in order to run all the sample operations with custom attributes involved. Attributes to add: - FavouriteSeason (string) - LovesPets (boolean)
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page