I was trying to create a user in Azure AD. Without the mail field, the user is created successfully. I need to add the email id in Azure AD at the time the user is created.
I added the mail property in the JSON and it says:
Property 'mail' is read-only and cannot be set.
My C# code is:
    var url = string.Format("https://graph.windows.net/{0}/users?api-version=1.6", oauthsettings.TenantId);
    var authDetails = _orchardServices.WorkContext.CurrentSite.As<AzureAuthenticationPart>();
    var alogin = new AzureLogin();
    var jwttoken = alogin.ServiceAuth(authDetails.ClientId, authDetails.ClientSecret);
    var aadUser = new
    {
        mail = email,
        accountEnabled = true,
        displayName = userName,
        mailNickname = userName,
        passwordProfile = new passwordProfile()
        {
            password = password,
            forceChangePasswordNextLogin = authDetails.IsUpdatePwdNextLogin
        },
        userPrincipalName = userName + oauthsettings.DirectoryName,
    };
    var client = new HttpClient();
    client.DefaultRequestHeaders.Add("Authorization", "Bearer " + jwttoken);
    var modelval = Convert.ToString(JsonConvert.SerializeObject(aadUser));
    var content = new StringContent(modelval, Encoding.UTF8, "application/json");
    var result = client.PostAsync(url, content).Result;
Get Access Token from Azure AD After Login
    JwtSecurityToken token = GetAccessToken(authDetails, code, returnUrl);
    var claims = token.Claims;
    return LogOn(claims, returnUrl);
Getting Email from JWT
    public LogOnResponse LogOn(IEnumerable<System.Security.Claims.Claim> claims, string returnUrl)
    {
        var email = claims.FirstOrDefault(s => s.Type == "email").Value;
At this point I can't get the access token, because the email was not set in the Graph API request when the user was created. Another problem is that I also validate against another site based on this email id alone, so I need to set the email at user creation time.
I require the email id for login in my application. I am integrating Azure AD into an existing application, which requires the email.
Does anyone know how to set the email id in Azure AD for a user?
My Request in Postman. Response for Email Added in Request
There are two different fields for Email Addresses on an AAD User.
From the Graph API Reference:
Note that you can only set the mail property when you initially create the user (POST), but you can update the otherMails property whenever you want (PATCH).
It seems like you should be using the otherMails property for your needs.

Because the mail attribute is tied to Exchange Online, we don't permit you to write to that attribute unless you have an Exchange Online license. When you activate a license for the user, Exchange Online will update the field with the correct mailbox mail address during the creation of the user's mailbox. You can utilize "MailNickName" and "other emails" during the creation of a user. This field will also depend upon if it is a "local account (B2C)" or "work or school account".
I hope this answers your question concerning the "mail" attribute being "read-only".
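An added example (not code from the question or the answers) of what the answers suggest: create the user with the address in otherMails instead of mail, surface the Graph error body on failure, and read the address back without assuming the token carries an "email" claim. The class, method and parameter names are hypothetical; it assumes Newtonsoft.Json, as in the question, and a bearer token obtained the way the question's code obtains it.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;

public static class AadUserExample // hypothetical helper, not from the original post
{
    // Creates the user with the address in otherMails; "mail" is deliberately not sent.
    public static async Task<JObject> CreateUserAsync(HttpClient client, string tenantId, string token,
        string userName, string directoryName, string password, bool forceChange, string email)
    {
        var url = $"https://graph.windows.net/{tenantId}/users?api-version=1.6";
        var aadUser = new
        {
            accountEnabled = true,
            displayName = userName,
            mailNickname = userName,
            otherMails = new[] { email }, // a collection of strings, writable on create
            passwordProfile = new { password, forceChangePasswordNextLogin = forceChange },
            userPrincipalName = userName + directoryName
        };
        var request = new HttpRequestMessage(HttpMethod.Post, url)
        {
            Content = new StringContent(JsonConvert.SerializeObject(aadUser), Encoding.UTF8, "application/json")
        };
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
        var response = await client.SendAsync(request);
        var body = await response.Content.ReadAsStringAsync();
        if (!response.IsSuccessStatusCode) // keep the Graph error text, e.g. the read-only message
            throw new InvalidOperationException($"Graph returned {(int)response.StatusCode}: {body}");
        return JObject.Parse(body);
    }

    // Null-safe lookup: the "email" claim if the token has one, otherwise the first
    // otherMails entry of the directory user object, otherwise null.
    public static string ResolveEmail(IEnumerable<Claim> claims, JObject directoryUser)
    {
        var fromToken = claims.FirstOrDefault(c => c.Type == "email")?.Value;
        if (!string.IsNullOrEmpty(fromToken)) return fromToken;
        return (string)directoryUser?["otherMails"]?.FirstOrDefault();
    }
}
```

ResolveEmail returns null rather than throwing when neither source has an address, so the caller can reject the login explicitly.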