The following forum(s) are migrating to a new home on Microsoft Q&A (Preview): Azure Active Directory!

Ask new questions on Microsoft Q&A (Preview).
Interact with existing posts until December 13, 2019, after which content will be closed to all new and existing posts.

Learn More

 none
Deleting User from Azure ADB2C RRS feed

  • Question

  • Hi All,

    I am looking for possible ways to delete a user that is created using Azure ADB2C apart from manually deleting. 

    Thanks in advance :)


    Tuesday, October 15, 2019 10:26 AM

All replies

  • Hi Srivalli,

    You can use the  REST API to delete the consumer user accounts programmatically. There is no automated way of deleting them. If needed, you would have to write custom scripts to delete them based on your requirements. 


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    Tuesday, October 15, 2019 10:58 AM
    Moderator
  • Hi Manoj,

    Thank you for the response, can you please elaborate if the role(user administration) for the application created should be added in base tenant (the one used to create ADB2C tenants)?


    Wednesday, October 16, 2019 9:58 AM
  • Also, can you please throw some light on the "custom scripts" for deleting?

    Thank you!

    Wednesday, October 16, 2019 10:00 AM
  • Hi, 

    You have to create the application in the same B2C directory. You just have to just as an enterprise application as explained in this doc: https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/set-azurekeyvaultsecret?view=azurermps-6.13.0

    Note: Every B2C tenant can also be used as a normal Azure AD tenant. If you have multiple B2C tenants, you would need an application in each B2C tenant.

    Regarding the scripts, I meant you have to write scripts as per your business logic. 

    Example: If you have to delete users who have not signed in the last year. You would have to save sign-in logs, query them and then call the delete REST API call to delete the users. 

    Hope this helps.


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    Wednesday, October 16, 2019 2:07 PM
    Moderator
  • Hi Manoj,

     I have created the application (eg.,managementapp1) and have given the read and write directory data permission. But when I tried to do "add assignment" under roles and administrators in adb2c I do not see the option of adding the application created (managementapp1), I see only users can be added. Can you please advise if I am missing anything over here.

    Thank you!

    Thursday, October 17, 2019 7:48 AM
  • Hi Srivalli,

    You have to use PowerShell to assign the role to your application. Also, you have to keep in mind that the role gets assigned to the service principal and not the application. The service principal can be considered as the identity of the application.

    You can find the role ID that you want to assign using this command : Get-AzureADDirectoryRole | Where-Object {$_.displayName -eq 'Helpdesk Administrator'}

    You can find the Object ID of the service principal either by searching directly under enterprise applications or through PS using this command: Get-AzureADServicePrincipal -searchstring</g> (your enterprise application name)

    Finally, you can assign the role to your application using this command: Add-AzureADDirectoryRoleMember -ObjectId $AADRole.ObjectId -RefObjectId $service principal.ObjectId

    Hope this helps.


    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!


    Thursday, October 17, 2019 3:16 PM
    Moderator
  • Hi Srivalli,

    I am checking in to see if the above answer was helpful. If yes, do click on the 'Mark as answer' link in the above reply. This will help other community members facing similar query to refer to this solution. Let me know if you have any other questions. 


    Wednesday, October 23, 2019 12:37 PM
    Moderator
  • Hi Manoj,

    We are not using powershell, any other alternative?

    Thank you in advance!

    Friday, December 6, 2019 10:43 AM