Java 控制台应用程序将用户批量上传到 Azure B2C 活动目录

Question

I am trying to create a Java Console Application to bulk upload users from local SQL database to Azure b2c active directory. I have a JSON file which I created

{
  "users": [
    {
      "displayName": "Amanda Polly",
      "givenName": "Amanda",
      "surname": "Polly",
      "extension_user_type": "user",
      "identities": [
        {
          "signInType": "emailAddress",
          "issuerAssignedId": "amandapolly@gmail.com"
        }
      ],
      "extension_timezone": "PST",
      "extension_locale": "en-US",
      "extension_tenant": "EG1234"
    },
    {
      "displayName": "Lowa Doe",
      "givenName": "Lowa",
      "surname": "Doe",
      "extension_user_type": "user",
      "identities": [
        {
          "signInType": "userName",
          "issuerAssignedId": "lowadow123"
        }
      ],
      "extension_timezone": "PST",
      "extension_locale": "en-US",
      "extension_tenant": "EG1234"
    }
   ]
}

These are the users which I want to create on B2C, I need help in starting this, I have to use microsoft graph API, can anyone guide me through, I read about tokens and clientID but was not able to understand it.

It is stuck in this state for a long time. deserializing to JSON

Answer 1

To call Microsoft Graph, your app must acquire an access token from the Microsoft identity platform. The access token contains information about your app and the permissions it has for the resources and APIs available through Microsoft Graph. To get an access token, your app must be registered with the Microsoft identity platform and be authorized by either a user or an administrator for access to the Microsoft Graph resources it needs.

There are two kinds of common auth flow: client_credentials flow and authorization_code flow . The former is app-only, and the latter is app+user.

Here I take "client_credentials flow" as the example.

Firstly you need to Register your app . More detailed steps here . Remember to add and grant consent to User.ReadWrite.All application permission in your Azure AD app.

After you add the permission, don't forget to click on " Grant admin consent for {your tenant} " (see it below).

Create a client secret is necessary. (record it once it is created because you won't see it later).

Also remember to record the application id (client id) for late use.

Now you can Install the Microsoft Graph Java SDK to your project and implement Client credentials provider like this:

ClientCredentialProvider authProvider = new ClientCredentialProvider(
                                                    clientId,
                                                    scopes,
                                                    clientSecret,
                                                    tenant,
                                                    endpoint);

You should have clientId and clientSecret from the previous steps. scopes should be "https://graph.microsoft.com/.default" . tenant should be the tenant id of your B2C tenant. endpoint is the NATIONAL_CLOUD of Microsoft. See the sample here .

Then you could use the following code to create user. See reference here.

IGraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider(authProvider).buildClient();

User user = new User();
user.displayName = "John Smith";
LinkedList<ObjectIdentity> identitiesList = new LinkedList<ObjectIdentity>();
ObjectIdentity identities = new ObjectIdentity();
identities.signInType = "userName";
identities.issuer = "contoso.onmicrosoft.com";
identities.issuerAssignedId = "johnsmith";
identitiesList.add(identities);
ObjectIdentity identities1 = new ObjectIdentity();
identities1.signInType = "emailAddress";
identities1.issuer = "contoso.onmicrosoft.com";
identities1.issuerAssignedId = "jsmith@yahoo.com";
identitiesList.add(identities1);
ObjectIdentity identities2 = new ObjectIdentity();
identities2.signInType = "federated";
identities2.issuer = "facebook.com";
identities2.issuerAssignedId = "5eecb0cd";
identitiesList.add(identities2);
user.identities = identitiesList;
PasswordProfile passwordProfile = new PasswordProfile();
passwordProfile.password = "password-value";
passwordProfile.forceChangePasswordNextSignIn = false;
user.passwordProfile = passwordProfile;
user.passwordPolicies = "DisablePasswordExpiration";

graphClient.users()
    .buildRequest()
    .post(user);

Modify the code based on your needs.

Besides, if you want to add extension attributes, you need to refer to Create extensionProperty . You should create extensionProperty first and then create the users with extension attributes. See my another answer for the logic. (just need to look into the content before "Then create a claimsMappingPolicy:" )