Azure AD B2C claims (givenname, surname) are not being updated when signing in with IDP

Yashwanth Yenugu 116 Reputation points
2020-07-01T11:30:02.837+00:00

When an Azure AD B2C account is set up after signing in with an IDP, the basic claim details are populated with data from the IDP, such as surname and givenname. When this information is changed in the IDP account, it is not being updated in the B2C claims on the next sign-in?

I've created a user in Okta (external OIDC IDP) with givenname: 'newname', surname: 'newsurname' and signed in; B2C returned the correct givenname and surname claims.

Later I updated givenname to 'updatedname' and surname to 'updatedsurname' in Okta and tried to sign in; B2C still returns the old givenname and surname. (Okta is returning the updated claims, but these are not updated in B2C.)

Other claims are updated correctly; the only issue is with these 2 claims. Please advise. Thanks.

Reference for the similar issue asked here - https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/15529626-update-azure-ad-b2c-claims-when-signing-in-with-so


  1. 2020-07-28T18:30:19.263+00:00

    We are reading the user from the directory in B2C rather than passing through the claims from the IdP on subsequent sign-ins. You could fix this by only passing through the claims from Okta, rather than having them stored in B2C at first sign-in (and subsequently read from there). You could do that with custom policies.

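What the answer describes in custom-policy terms, as an added example that is not part of the answer or of Microsoft's starter pack: in the SocialAndLocalAccounts starter pack, the sign-in journey runs the technical profile `AAD-UserReadUsingAlternativeSecurityId` on every federated sign-in, and that profile's `OutputClaims` read `givenName` and `surname` back from the directory, overwriting the values the Okta OIDC technical profile has just placed in the claims bag. Removing those two `OutputClaim` entries is the "pass-through" fix. The profile below is the starter-pack one with that change; the metadata strings are the starter pack's own, and the claim that an extension policy can add but not remove `OutputClaims` (so the edit has to go into TrustFrameworkBase.xml rather than TrustFrameworkExtensions.xml) is an assumption about the policy inheritance model that you should confirm against your tenant's behaviour.

```xml
<!--
  Added example, not code from the answer above.  Assumes the
  SocialAndLocalAccounts starter pack, where TrustFrameworkBase.xml defines
  AAD-UserReadUsingAlternativeSecurityId and the sign-in user journey runs
  it right after the Okta OIDC technical profile.  The base version outputs
  givenName and surname from the directory, replacing the values Okta sent
  in this sign-in; dropping those two OutputClaims keeps the Okta values.

  Assumption about inheritance: an extensions policy can add OutputClaims to
  a base technical profile but cannot remove them, so this edited copy
  replaces the profile in TrustFrameworkBase.xml itself.
-->
<TechnicalProfile Id="AAD-UserReadUsingAlternativeSecurityId">
  <Metadata>
    <Item Key="Operation">Read</Item>
    <Item Key="RaiseErrorIfClaimsPrincipalDoesNotExist">true</Item>
    <Item Key="UserMessageIfClaimsPrincipalDoesNotExist">User does not exist. Please sign up before you can sign in.</Item>
  </Metadata>
  <InputClaims>
    <!-- alternativeSecurityId is built from the IdP name and the IdP's "sub"
         claim by the CreateAlternativeSecurityId transformation, so the
         lookup still finds the existing account. -->
    <InputClaim ClaimTypeReferenceId="alternativeSecurityId" PartnerClaimType="alternativeSecurityId" Required="true" />
  </InputClaims>
  <OutputClaims>
    <!-- Required claim -->
    <OutputClaim ClaimTypeReferenceId="objectId" />
    <!-- Optional claims that are still read from the directory -->
    <OutputClaim ClaimTypeReferenceId="userPrincipalName" />
    <OutputClaim ClaimTypeReferenceId="displayName" />
    <OutputClaim ClaimTypeReferenceId="otherMails" />
    <!-- Removed relative to the starter pack so the IdP values survive:
         <OutputClaim ClaimTypeReferenceId="givenName" />
         <OutputClaim ClaimTypeReferenceId="surname" />
    -->
  </OutputClaims>
  <IncludeTechnicalProfile ReferenceId="AAD-Common" />
</TechnicalProfile>
```

Two things to check after making this change. First, the Okta OIDC technical profile must still map `given_name` and `family_name` to `givenName` and `surname`, and the relying-party policy must still list both in its `OutputClaims`; the poster's first sign-in returning correct values shows that mapping is already in place. Second, the copy that `AAD-UserWriteUsingAlternativeSecurityId` persisted at first sign-in is now never refreshed, so it will drift from Okta; that is harmless for tokens issued by this policy, but anything that reads the user's `givenName`/`surname` attributes from the directory directly (for example through Microsoft Graph) will keep seeing the stale values, and you would need a separate write-back step in the journey if that matters.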