I am trying to create a Guest B2B User using the “Microsoft Entra SaaS” connector. To test this I have created an Access Profile with a single entitlement. I am requesting the Access Profile from the Request Center to kick off the Create Process for my test user.
I have followed the steps outlined under the “Create Guest User (B2B) Account Policy” section to populate my Create Profile:
I am populating the following attributes, as these appear to be required.
userPrincipalName
password
displayName
mailNickname
accountType
invitedUserEmailAddress
inviteRedirectUrl
sendInvitationMessage
customizedMessageBody
invitedUserDisplayName
invitedUserUsageLocation
The Full Create Profile is shown here:
createProfile.json (12.1 KB)
The invited user does show up in my tenant, and this user is also sent the invitation email; however, the Request is left in a “Contact Helpdesk” state with a message that reads:
Also, the Events for the user shows a failed Create attempt.
If I Aggregate the user after the fact, they are correlated without issue.
I have turned on debugging for the logs, and I am met with the following errors when tailing the logs using: “sail conn logs tail”
[2025-05-05T22:07:10.975-04:00] DEBUG | connectorMessage ▶︎ {"AppType":"Microsoft Entra","commandType":"std:account:create","invocationId":"23c216c0-3c4b-4dec-8cd9-4b40cbf4b585","message":"Executing the http request...: PATCH https://graph.microsoft.com/v1.0//users/6e7dfd6f-6176-49a8-ad06-d27919bd7ebc","requestId":"b6c9a9acc07544d8836705f84965590d","timestamp":"2025-05-06T01:45:00.682Z","version":37}
[2025-05-05T22:07:11.425-04:00] WARN | connectorMessage ▶︎ {"AppType":"Microsoft Entra","commandType":"std:account:create","invocationId":"23c216c0-3c4b-4dec-8cd9-4b40cbf4b585","message":"Error details after parsing: code: 404, error message: Resource '' does not exist or one of its queried reference-property objects are not present.","requestId":"b6c9a9acc07544d8836705f84965590d","timestamp":"2025-05-06T01:45:00.682Z","version":37}
[2025-05-05T22:07:11.425-04:00] ERROR | connectorMessage ▶︎ {"commandType":"std:account:create","invocationId":"23c216c0-3c4b-4dec-8cd9-4b40cbf4b585","message":"Connector error : Error occurred in create user , ConnectorError: Error occurred in create user \n at convertError (/app/connector/index.js:16:88051)\n at AzureADConnector.createAccount (/app/connector/index.js:16:83508)\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n at async /app/connector/index.js:17:205775\n at async Connector._exec (/app/connector/index.js:1:13141)\n at async /usr/bin/index.js:35:1430591\n","requestId":"b6c9a9acc07544d8836705f84965590d","version":37}
[2025-05-05T22:07:11.426-04:00] INFO | connectorMessage ▶︎ {"AppType":"Microsoft Entra","commandType":"std:account:create","invocationId":"23c216c0-3c4b-4dec-8cd9-4b40cbf4b585","level":"INFO","message":"Checking if the error occurred due to token***Redacted due to potentially sensitive data***
[2025-05-05T22:07:11.426-04:00] ERROR | connectorMessage ▶︎ {"AppType":"Microsoft Entra","commandType":"std:account:create","invocationId":"23c216c0-3c4b-4dec-8cd9-4b40cbf4b585","message":"Sending unhandled error after executing request PATCH https://graph.microsoft.com/v1.0//users/6e7dfd6f-6176-49a8-ad06-d27919bd7ebc and possibly retrying it: AxiosError: Request failed with status code 404","requestId":"b6c9a9acc07544d8836705f84965590d","timestamp":"2025-05-06T01:45:00.682Z","version":37}
[2025-05-05T22:07:11.427-04:00] ERROR | connectorMessage ▶︎ {"AppType":"Microsoft Entra","commandType":"std:account:create","invocationId":"23c216c0-3c4b-4dec-8cd9-4b40cbf4b585","message":"Error occurred in create user ","requestId":"b6c9a9acc07544d8836705f84965590d","timestamp":"2025-05-06T01:45:00.682Z","version":37}
[2025-05-05T22:07:11.427-04:00] ERROR | connectorMessage ▶︎ {"AppType":"Microsoft Entra","commandType":"std:account:create","invocationId":"23c216c0-3c4b-4dec-8cd9-4b40cbf4b585","message":"Account creation failed!","requestId":"b6c9a9acc07544d8836705f84965590d","timestamp":"2025-05-06T01:45:00.682Z","version":37}
The different errors found in the Request Center, while tailing the logs, and in the user’s Events make me think I’m missing some kind of required attribute in the Create Profile, but I’m not sure what.