cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
jakesh
Helper I
Helper I

How to load Azure AD Users or Groups into the Contacts entity without having to wait for users to log in the first time to show up in Contacts?

How do I load Azure AD Users or Groups into the Contacts entity without having to wait for users to log in the first time (via AAD authentication) to show up in Contacts?

 

Microsoft documentation says Contacts are not provisioned automatically, and they are added at "run-time" or when users log in for the first time via AAD authentication, but there has to be a way to push or load Azure AD users into the portal proactively as Contacts.

 

My end goal is to load Azure AD users into portal Contacts so that I can assign them web roles.

 

Thanks!

 

https://docs.microsoft.com/en-us/power-platform/admin/troubleshooting-user-needs-read-write-access-o...

jakesh_0-1656606703400.png

 

1 ACCEPTED SOLUTION

Accepted Solutions
jakesh
Helper I
Helper I

I found the way to pre-register contacts with an email, assign them to a web role, and upon the user signing in, the contact record will be automatically associated with the Azure AD external identity.

 

Create the following site setting, which is not preloaded to the portal by default:

 

Authentication/OpenIdConnect/AzureAD/AllowContactMappingWithEmail

 

View solution in original post

5 REPLIES 5
Fubar
Solution Sage
Solution Sage

You would have to write something that created the Contact based on a user being added to AAD etc for that Contact also create an External Identities record (this is what links the Contact to the External Identity Provider) and populate it with the respective Azure AAD GUID of the user and the AAD url (or use the email address mapping setting on your setup in the Portal - but understand that depending on your scenario there may be risks with this mapping).

jakesh
Helper I
Helper I

@Fubar thank you for your response. I tried creating a Contact record and manually added the external identity with AAD's object ID as username, but when I went to the portal and tried to log on with Azure AD an error came up saying there was an existing user with that object ID.

 

However, the goal is to load all the AAD users at once into the Contacts entity without having to add them one by one.

OliverRodrigues
Super User
Super User

This might be a duplicate of What is the best way to load a bulk of users in th... - Power Platform Community (microsoft.com)

I am just adding here for reference 




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Pages Super User | MVP


Oliver Rodrigues


 

Fubar
Solution Sage
Solution Sage

@jakesh double check that you are just Signing in, and not Registering.  Only other thing I can think is there is a checkbox on the Contact - can't remember exactly what it is called off the top of my head something like Enabled for Portal OR Portal User.

jakesh
Helper I
Helper I

I found the way to pre-register contacts with an email, assign them to a web role, and upon the user signing in, the contact record will be automatically associated with the Azure AD external identity.

 

Create the following site setting, which is not preloaded to the portal by default:

 

Authentication/OpenIdConnect/AzureAD/AllowContactMappingWithEmail

 

Helpful resources

Announcements
Microsoft 365 Conference – December 6-8, 2022

Microsoft 365 Conference – December 6-8, 2022

Join us in Las Vegas to experience community, incredible learning opportunities, and connections that will help grow skills, know-how, and more.

Users online (3,322)