Use Azure AD Graph to update values on the `AdditionalValues` dictionary for a user

Question

How do I use Azure AD Graph to update values on the AdditionalValues dictionary for a user? The test below returns 400 Bad Response.

Background: The rest of my application uses MSGraph. However, since a federated user can not be updated using MSGraph I am searching for alternatives before I ditch every implementation and version of Graph and implement my own database.

This issue is similar to this one however in my case I am trying to update the AdditionalData property.

Documentation

[TestMethod]
public async Task UpdateUserUsingAzureADGraphAPI()
{
    string userID = "a880b5ac-d3cc-4e7c-89a1-123b1bd3bdc5"; // A federated user

    // Get the user make sure IsAdmin is false.
    
    User user = (await graphService.FindUser(userID)).First();
    Assert.IsNotNull(user);

    if (user.AdditionalData == null)
    {
        user.AdditionalData = new Dictionary<string, object>();
    }
    else
    {
        user.AdditionalData.TryGetValue(UserAttributes.IsCorporateAdmin, out object o);
        Assert.IsNotNull(o);
        Assert.IsFalse(Convert.ToBoolean(o));
    }
    
    string tenant_id = "me.onmicrosoft.com";
    string resource_path = "users/" + userID;
    string api_version = "1.6";
    string apiUrl = $"https://graph.windows.net/{tenant_id}/{resource_path}?{api_version}";
    
    // Set the field on the extended attribute
    user.AdditionalData.TryAdd(UserAttributes.IsCorporateAdmin, true);
    // Serialize the dictionary and put it in the content of the request
    string content = JsonConvert.SerializeObject(user.AdditionalData);
    string additionalData = "{"AdditionalData"" + ":" + $"[{content}]" + "}";
    //additionalData: {"AdditionalData":[{"extension_myID_IsCorporateAdmin":true}]}

    HttpClient httpClient = new HttpClient();
    HttpRequestMessage request = new HttpRequestMessage
    {
        Method = HttpMethod.Patch,
        RequestUri = new Uri(apiUrl),
        Content = new StringContent(additionalData, Encoding.UTF8, "application/json")
    };
    var response = await httpClient.SendAsync(request); // 400 Bad Request
}

question from:https://stackoverflow.com/questions/65660374/use-azure-ad-graph-to-update-values-on-the-additionalvalues-dictionary-for-a-u

Answer 1

1. Make sure that the Request URL looks like: https://graph.windows.net/{tenant}/users/{user_id}?api-version=1.6. You need to change the api_version to "api-version=1.6".

2. You cannot directly add extensions in AdditionalData and it will return the error(400).

Follow the steps to register an extension then write an extension value to user.

Register an extension:

POST https://graph.windows.net/{tenant}/applications/<applicationObjectId>/extensionProperties?api-version=1.6

{
    "name": "<extensionPropertyName like 'extension_myID_IsCorporateAdmin>'",
    "dataType": "<String or Binary>",
    "targetObjects": [
        "User"
    ]
}

Write an extension value:

PATCH https://graph.windows.net/{tenant}/users/{user-id}?api-version=1.6

{
    "<extensionPropertyName>": <value>
}