0

I have Signup and Sinin custom policy that allow users to signup or signin. It works well.

The policy uses the following claims:

<OutputClaim ClaimTypeReferenceId="extension_firstName" />
<OutputClaim ClaimTypeReferenceId="extension_lastName" />
<OutputClaim ClaimTypeReferenceId="extension_organizationName" />
<OutputClaim ClaimTypeReferenceId="extension_contactPhoneNumber" />
<OutputClaim ClaimTypeReferenceId="extension_selectRole" />
<OutputClaim ClaimTypeReferenceId="extension_terms" />

When I goto B2C portal, find the user and look the user details, none of the extension_* claims (attributes or properties) appear there.

Then I use Microsoft Graph, issue this query:

https://graph.microsoft.com/v1.0/users/[user Object ID]

I get minimal data for the user. None of the extension_* calim data appears there.

How can I see all the extension_* claim data with a give user created by custom policy?

Allan Xu
  • 7,998
  • 11
  • 51
  • 122

1 Answers1

1

The Azure portal doesn't display the extension properties for users.

For the Microsoft Graph query, you must add the $select parameter in order to include the extension properties, such as:

GET https://graph.microsoft.com/v1.0/users/{id}?$select=extension_{b2cExtensionsAppClientId}_firstName,extension_{b2cExtensionsAppClientId}_lastName,...

where {b2cExtensionsAppClientId} is the application (client) identifier (without hyphens) for [the b2c-extensions-app application}(https://learn.microsoft.com/en-us/azure/active-directory-b2c/extensions-app) that is registered in your Azure AD B2C tenant such as:

extension_b2ba52d57b074a5e8fa2d8b35f5a1347_firstName
Chris Padgett
  • 14,186
  • 1
  • 15
  • 28
  • You can also use `/beta/users/id` if you are not sure about the property names as it seems to return all of them. This could change in the future though. – juunas Sep 19 '20 at 09:08
  • Thankn you Chris and @juunas for solving this mystery – Allan Xu Sep 20 '20 at 04:13