Are nested groups supported?
Are nested groups supported in Azure B2C?
This page suggests there is some support, because it links to https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-limitations#restriction-on-nested-groups
If there are restrictions on them then I assume they are at least partially supported. Unfortunately that page no longer exists.
I couldn't find any information in MSFT docs about the status of this feature.
I've tried their User Voice, but the only thing I found is an entry about plain "Azure AD" (I thought that is supported already, but it appears it's not if there is an open request about it)
FWIW I cannot add a nested group in the way that's suggested by MSFT documentation. I don't see that option in the UI, though it lists "0 groups" as members.
Trying to add a group to another group via Graph API results in
{"error":{"code":"Request_BadRequest","message":"An invalid operation was included in the following modified references: 'members'.","innerError":{"date":"2022-04-20T15:32:34","request-id":"7d183819-019a-4f23-b31f-1765dcd7d44a","client-request-id":"7d183819-019a-4f23-b31f-1765dcd7d44a"}}}
After wrangling with MSFT support I got an answer that nested groups are not supported in B2C enabled tenants.
This can be done in Azure AD and not on the B2C AD. Adding a group as a member of another group in Azure AD B2C is not supported.
- Flutter MSAL_js-based (B2C) Authentication fails
- Caching User Single Sign On using Distributed Cache
- How to redirect back to Azure AD B2C defining which custom policy to use based on the username given
- Access token not working Azure AD custom policy
- MSAL login getting stuck in .NET MAUI app
- Sign-up User Flow with Azure B2C and Microsoft.Identity.Web
- Azure AD B2C Password Reset
- Reset password MS Entra
- How to set redirect URLs to b2clogin.com for Azure Active Directory B2C in React JS application
- "AADSTS900144: The request body must contain the following parameter: 'grant_type'.?
- Retrieving tokens from aad_b2c_webview
- MissingPluginException When Using aad_oauth for Microsoft Multi-Factor Authentication in Flutter
- How to check user exists in AD B2C, using custom policy?
- I am trying to update an existing user i made through graph api in my code, but i get a 403 error back from azure graph api
- Use managed identity of the web app to manage b2c using graph api
- Azure AD B2C error AADB2C90057 when I am NOT trying to use the implicit flow
- no email in claim when logging on via Entra ID
- Azure B2C App Always Redirects to <domain>/MicrosoftIdentity/Account/Error
- How to Implement Direct Username and Password Login with Azure AD B2C in Flutter without Using Microsoft's UI?
- How to properly restrict access to an azur eweb application?
- Azure Tenant setup for .NET Blazor WASM calling Web API + Microsoft Graph
- Set-AzureADMSTrustFrameworkPolicy powershell cmdlet works on laptop but not in github actions. No changes done
- I am not able to import the powershell module Microsoft.Graph.Entra.Beta
- B2C Custom Policy: Error changing localAccountPasswordReset Content selfAsserted policy version beyond 1.1.0
- Non Verified Domain as IdntifierUri for Azure B2C IEF Application
- B2C authentication not returning access_token
- How to disable authentication during the start up of an ASP.NET Core 5 Blazor B2C application?
- Email address empty when trying to read it out at the back end
- Creating a user in Azure AD B2C through Microsoft SSO
- Azure B2C client credentials flow throws invalid_grant AADB2C90085