c# azure azure-active-directory azure-ad-b2b

Invite user as Member


I'm trying to update my existing app with some new features. The app uses the Azure B2B API and invites users as guests. It works well, but it causes issues with some emails that are marked as mastered in their tenants.

Is there a way to invite user with user type = Member?


Solution

  • Is there a way to invite user with user type = Member?

    Yes, we could do that with Microsoft.Graph. The default type is Guest; we could change it with the following code. I tested it with the Microsoft.Graph permission: Directory.ReadWrite.All

    using System;
    using System.Collections.Generic;
    using System.Net.Http.Headers;
    using System.Threading.Tasks;
    using Microsoft.Graph;
    using Microsoft.IdentityModel.Clients.ActiveDirectory;

    class Program
    {
        static void Main()
        {
            string authority = "https://login.microsoftonline.com/{0}";
            string graphResourceId = "https://graph.microsoft.com";
            string tenantId = "xxxxxx";
            string clientId = "xxxxxx";
            string secret = "xxxxxx";
            authority = String.Format(authority, tenantId);

            // Acquire an app-only token for Microsoft Graph (client credentials flow)
            AuthenticationContext authContext = new AuthenticationContext(authority);
            var accessToken = authContext.AcquireTokenAsync(graphResourceId, new ClientCredential(clientId, secret)).Result.AccessToken;

            // Attach the token to every request sent by the Graph client
            var graphserviceClient = new GraphServiceClient(
                new DelegateAuthenticationProvider(
                    requestMessage =>
                    {
                        requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", accessToken);
                        return Task.FromResult(0);
                    }));
            var dic = new Dictionary<string, object> { { "@odata.type", "microsoft.graph.invitedUserMessageInfo" } };

            Invitation invitation = new Invitation
            {
                InvitedUserEmailAddress = "email",
                InvitedUserMessageInfo = new InvitedUserMessageInfo { AdditionalData = dic },
                InvitedUserDisplayName = "tomsun-member",
                SendInvitationMessage = false,
                InviteRedirectUrl = "http://localhost",
                InvitedUserType = "Member" // Change the invited user type
            };
            var result = graphserviceClient.Invitations.Request().AddAsync(invitation).Result;
        }
    }
    

    Test Result: [screenshot]

    Check it from Azure portal: [screenshot]

    Update:

    Add permission from Azure portal: [screenshot]

    Check the access token permission with https://jwt.io/ [screenshot]

    Update2:

    Add the packages.config file.

    <?xml version="1.0" encoding="utf-8"?>
    <packages>
      <package id="Microsoft.Graph" version="1.9.0" targetFramework="net471" />
      <package id="Microsoft.Graph.Core" version="1.9.0" targetFramework="net471" />
      <package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="3.19.4" targetFramework="net471" />
      <package id="Newtonsoft.Json" version="11.0.2" targetFramework="net471" />
      <package id="System.IO" version="4.3.0" targetFramework="net471" />
      <package id="System.Net.Http" version="4.3.3" targetFramework="net471" />
      <package id="System.Runtime" version="4.3.0" targetFramework="net471" />
      <package id="System.Security.Cryptography.Algorithms" version="4.3.1" targetFramework="net471" />
      <package id="System.Security.Cryptography.Encoding" version="4.3.0" targetFramework="net471" />
      <package id="System.Security.Cryptography.Primitives" version="4.3.0" targetFramework="net471" />
      <package id="System.Security.Cryptography.X509Certificates" version="4.3.2" targetFramework="net471" />
    </packages>
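
For the "check the access token permission" step in the answer above, the claims can also be inspected locally, so the bearer token never has to be pasted into a website. The following is an added example, not code from the answer: it decodes the JWT payload with Newtonsoft.Json (already listed in the packages.config above) and looks for the permission in the app-only `roles` claim. The class name, method names and sample token are constructed for illustration, and the check does not validate the token's signature.

```csharp
using System;
using System.Linq;
using System.Text;
using Newtonsoft.Json.Linq;

static class TokenRoleCheck
{
    // Decode one base64url JWT segment ('-'/'_' alphabet, padding stripped).
    static byte[] Base64UrlDecode(string segment)
    {
        string s = segment.Replace('-', '+').Replace('_', '/');
        switch (s.Length % 4)
        {
            case 2: s += "=="; break;
            case 3: s += "="; break;
            case 1: throw new FormatException("Invalid base64url length");
        }
        return Convert.FromBase64String(s);
    }

    // True when the payload lists the application permission in "roles".
    // Claims are only inspected here; the signature is NOT verified.
    public static bool HasAppRole(string jwt, string role)
    {
        string[] parts = jwt.Split('.');
        if (parts.Length != 3)
            throw new FormatException("Expected header.payload.signature");
        string json = Encoding.UTF8.GetString(Base64UrlDecode(parts[1]));
        JToken roles = JObject.Parse(json)["roles"];
        return roles is JArray arr && arr.Any(r => (string)r == role);
    }

    // Helper used only to build the constructed sample token below.
    static string Base64UrlEncode(string json) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(json))
               .TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static void Main()
    {
        // Constructed sample (not a real token): placeholder signature segment.
        string sample = string.Join(".",
            Base64UrlEncode("{\"alg\":\"none\",\"typ\":\"JWT\"}"),
            Base64UrlEncode("{\"aud\":\"https://graph.microsoft.com\",\"roles\":[\"Directory.ReadWrite.All\"]}"),
            "sig");
        Console.WriteLine(HasAppRole(sample, "Directory.ReadWrite.All"));
        Console.WriteLine(HasAppRole(sample, "User.Invite.All"));
    }
}
```

In the answer's code, the same check can be run on `accessToken` before the Graph client is created, to confirm the permission grant took effect.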