I am working on an application where I need to retrieve basic user information, including Name, Email, and Date of Birth (DOB), from Microsoft Graph API. However, I am encountering challenges, particularly with accessing the DOB attribute in a Default Azure Active Directory (non-B2C) setup. Below are the specifics of the problem:
Environment
Using Default Azure Active Directory tenant (not Azure AD B2C).
Users are part of the organizational directory, and I have admin access.
Application registered in Azure AD with permissions like User.Read, User.Read.All, and Directory.Read.All.
Challenges Faced
Date of Birth (DOB) Not Available as a Standard Attribute:
Queries to /me and /users/{user-id} endpoints using Microsoft Graph API return attributes like displayName and mail but do not include DOB.
DOB is not a built-in attribute for standard Azure AD tenants.
**Custom Attribute Configuration in Default Azure AD:**
Investigated creating custom extension properties, but these seem more tailored for Azure AD B2C or external directories.
Is it possible to add a custom attribute like DOB in Default Azure AD and retrieve it via Graph API? If yes, how?
**Limitations of Default Azure AD:**
While Azure AD B2C allows for custom attributes like `dateOfBirth` to be created and retrieved, I cannot use Azure AD B2C due to project constraints.
Does Azure AD inherently limit the availability of sensitive attributes like DOB to only B2C tenants?
Attempts Made
Successfully retrieved attributes like displayName and email from the /me endpoint with the Microsoft Graph API.
Configured custom attributes like dateOfBirth in Azure AD B2C but could not retrieve them due to subscription constraints.
Explored schema extensions for adding DOB in Default Azure AD but unclear if this is supported.
Questions:
Default Azure AD:
Is it technically possible to retrieve a user’s DOB using Microsoft Graph API in the Default Azure AD tenant?
If yes, what steps, permissions, or configurations are needed to define and access such attributes?
**Workarounds or Alternatives:**
If Default Azure AD does not support DOB retrieval, what alternatives exist for securely managing and accessing user-specific attributes like DOB?
Can custom attributes be created and accessed without moving to Azure AD B2C?
**Azure AD B2C:**
If using Azure AD B2C becomes unavoidable, how can I ensure the DOB attribute is included in API responses, and what are the exact steps to configure this?
Is there a way to bypass the Azure AD B2C-branded UI and show users the standard Microsoft sign-in page instead?
Desired Outcome:
I aim to retrieve the Date of Birth (DOB) attribute for authenticated users in a secure and compliant way, preferably within the Default Azure AD tenant and without relying on Azure AD B2C. If Azure AD B2C is required, I need a detailed guide to set it up correctly and ensure custom attributes like DOB can be accessed.I am working on an application where I need to retrieve basic user information, including Name, Email, and Date of Birth (DOB), from Microsoft Graph API. However, I am encountering challenges, particularly with accessing the DOB attribute in a Default Azure Active Directory (non-B2C) setup. Below are the specifics of the problem:
Environment
Using Default Azure Active Directory tenant (not Azure AD B2C).
Users are part of the organizational directory, and I have admin access.
Application registered in Azure AD with permissions like User.Read, User.Read.All, and Directory.Read.All.
Challenges Faced
Date of Birth (DOB) Not Available as a Standard Attribute:
Queries to /me and /users/{user-id} endpoints using Microsoft Graph API return attributes like displayName and mail but do not include DOB.
DOB is not a built-in attribute for standard Azure AD tenants.
**Custom Attribute Configuration in Default Azure AD:**
Investigated creating custom extension properties, but these seem more tailored for Azure AD B2C or external directories.
Is it possible to add a custom attribute like DOB in Default Azure AD and retrieve it via Graph API? If yes, how?
**Limitations of Default Azure AD:**
While Azure AD B2C allows for custom attributes like `dateOfBirth` to be created and retrieved, I cannot use Azure AD B2C due to project constraints.
Does Azure AD inherently limit the availability of sensitive attributes like DOB to only B2C tenants?
Attempts Made
Successfully retrieved attributes like displayName and email from the /me endpoint with the Microsoft Graph API.
Configured custom attributes like dateOfBirth in Azure AD B2C but could not retrieve them due to subscription constraints.
Explored schema extensions for adding DOB in Default Azure AD but unclear if this is supported.
Questions:
Default Azure AD:
Is it technically possible to retrieve a user’s DOB using Microsoft Graph API in the Default Azure AD tenant?
If yes, what steps, permissions, or configurations are needed to define and access such attributes?
**Workarounds or Alternatives:**
If Default Azure AD does not support DOB retrieval, what alternatives exist for securely managing and accessing user-specific attributes like DOB?
Can custom attributes be created and accessed without moving to Azure AD B2C?
**Azure AD B2C:**
If using Azure AD B2C becomes unavoidable, how can I ensure the DOB attribute is included in API responses, and what are the exact steps to configure this?
Is there a way to bypass the Azure AD B2C-branded UI and show users the standard Microsoft sign-in page instead?
Desired Outcome:
I aim to retrieve the Date of Birth (DOB) attribute for authenticated users in a secure and compliant way, preferably within the Default Azure AD tenant and without relying on Azure AD B2C. If Azure AD B2C is required, I need a detailed guide to set it up correctly and ensure custom attributes like DOB can be accessed.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 51%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVD%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 89%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHE%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 27%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)