question

alvipeo avatar image
0 Votes"
alvipeo asked saldana-msft edited

Confused about extensions for a User in Azure B2C - Maximum number of extensions values supported per application is 2

So there are User Custom Attributes in Azure B2C which are created in the Portal and they belong to "b2c-extensions-app-blahblah". When I need to set its value programmatically I use await GraphClient!.Applications[b2CExtensionsApp.Id].ExtensionProperties to get the custom attribute and then I add/update its value with:

 await GraphClient!.Users[userId].Extensions[userCustomAttr.Id.ToString()].Request().UpdateAsync(ext);

My app does require to have 2 custom user attribute values, so I set them in code. So far so good.

Now, there are OpenExtensions for directory objects. And I want to keep some data with them. Here's how I create its value with:

                     OpenTypeExtension ilgExt = new()
                     {
                         ExtensionName = ILG_USER_CUSTOM_EXTENSION_NAME_S,
                         AdditionalData = new Dictionary<string, object>
                         {
                             {extPropName, value}
                         }
                     };
                     try
                     {
                         await GraphClient!.Users[userId].Extensions.Request().AddAsync(ilgExt);
                     }
                     catch (Exception ex)
                     {
                         string errMsg = $"Could not create extension value {extPropName} for a User '{userId}'";
                         _logger.LogError(ex, errMsg);
                         throw new IlgGraphClientException(errMsg, ex);
                     }


But this throws and exception:

Maximum number of extensions values supported per application is 2

WTF? Why can't I use more? And why custom attributes are taken into account?


Is there any way to have custom attribute values AND extension property values for a User?

azure-ad-b2cmicrosoft-graph-sdkmicrosoft-graph-extensions
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered amanpreetsingh-msft commented

Hi @alvipeo · Open extensions are different than Schema extensions. I have provided the backend calls below to distinguish between these methods.

Open extension creates extension attribute for specific user and it has a limit of 2 per application. Below is an example of backend API call to create open extension.

Call:
POST https://graph.microsoft.com/v1.0/me/extensions
Body:
{
"@odata.type": "microsoft.graph.openTypeExtension",
"extensionName": "com.contoso.roamingSettings",
"theme": "dark",
"color": "purple",
"lang": "Japanese"
}

Creating 3rd attribute using this method results in below error:

122422-image.png

Schema extension is done at directory/tenant level and attributes created by using this method are available for all users in that tenant. Custom attributes in B2C are created as schema extension and is not restricted to 2 per application. These attributes are created in B2C via b2c-extensions-app and are available for all users. Below is the backend call that is used to create schema extension attribute:

Call:
POST https://graph.microsoft.com/beta/<your_tenant.onmicrosoft.com>/applications/<ObjectID_of_b2c-extension-appl>/extensionProperties
Body:
{
"name": "employeeType",
"dataType": "String",
"targetObjects": ["User"]
}


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


image.png (51.8 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you! I know the difference.

I guess what I don't understand is this - are Custom User Attributes for Azure B2C (in the portal) open extensions? If so, will I get this error "Maximum number of extensions values supported per application is 2."?

I already know how to create Open Extensions and Schema Extensions in code. And I do know the difference. My confusion is about Azure B2C Custom User Attributes and that error as I need to set Custom User Attributes' values in code (I already have this code).

0 Votes 0 ·

Hi @alvipeo · Please find my comments inline.

Are Custom User Attributes for Azure B2C (in the portal) open extensions?
NO
Will I get this error "Maximum number of extensions values supported per application is 2."?
NO

I shared this information in the last paragraph of my 2nd answer as well.

0 Votes 0 ·
amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered alvipeo commented

Hi @alvipeo • Thank you for reaching out.

This is a by design limitation for open extensions. An application can add up to two open extensions per resource instance. Which means, If you have added 2 open extension attributes for user1, you won't be able to add third open extension attribute for user1 but you will be able to add 2 open extension attributes for user2, using same application. This limitation is for both standard Azure AD as well as Azure AD B2C tenants.

This limitation is documented here: https://docs.microsoft.com/en-us/graph/extensibility-overview#open-extension-limits

Why custom attributes are taken into account? Is there any way to have custom attribute values AND extension property values for a User?
This limit is independent of custom attributes created via schema extension. If you create 2 extension attributes by schema extension, you can still create 2 open extensions per user/resource using same application.

For creating more than 2 attributes per resource using same application, I would suggest you to go with schema extension. Please refer to my blog post Azure AD Schema extension for users in 10 easy steps.

Hope I have covered all your questions. If you have any further question, feel free to tag me in your reply.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Something is not clear to me.

So Azure AD B2C custom user attributes are special kind of open extensions which are created for "b2c-extensions-blah" application. And I just successfully added the 3rd custom attribute to B2C and no error. Does this mean I can set all 3 values for any B2C user now? I haven't tried yet but I think it should work. And there's no limit of 2 values. Is this correct?

0 Votes 0 ·