How can we improve Azure Active Directory?

Bring through external user profile fields when using B2B

Currently, when you invite someone from another AzureAD, using the B2B process, only their DisplayName and EmailAddress comes through (both of which are actually provided in the B2B CSV file).

It would be very useful if more profile information could be retrieved, possibly with the user's authorisation.

In particular, details like Firstname, Lastname and Country, would be a useful start, but potentially more profile fields (address, phone numbers, title, etc) would be ideal.

25 votes
Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)

We’ll send you updates on this idea

Craig Humphrey shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

4 comments

Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
Submitting...
  • Marc Moore commented  ·   ·  Flag as inappropriate

    I second the comment on EmployeeID as our guests are actually employees of subsidiary organizations who have an internal employee identifier drawn from an enterprise-wide domain of values.

  • Richard Harrison commented  ·   ·  Flag as inappropriate

    It would also be helpful if the usertype is member instead of guest if fields like EmployeeID would be retrieved through the process. Since these users are a part of our 'organization' not guest I would like to see more information.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Hi, We are in the process of migrating users from an external Okta system to a new Azure AD. As part of the SAML assertion, we have some additional fields that should be being issued from the Azure AD. For example "Box" would like the Mobile phone number. As we are in the middle of migration the users exist in only the remote Azure AD while the App is in the new Azure AD. We add the user through B2B but obviously, we don't get the mobile number so we can't add it to the config. Other SaaS may use Manager fields or other details. Being able to configure which attributes are brought over would be great to have

  • Anonymous commented  ·   ·  Flag as inappropriate

    Our particular use case is to provide attributes to enterprise apps used for user provisioning. I would expect all available fields visible in the user profile to be synced, although first and last name should be considered a bare minimum. I would expect that the attributes are kept up to date, with a sync happening roughly every half hour. Personally I don't see a near real-time sync being necessary.

    Hope that helps!
    Tom

Feedback and Knowledge Base