Graph API request returning "One or more properties contains invalid values"

facebook graph api example
graph api explorer
facebook graph api tutorial
facebook graph api post example
facebook graph api python
get user details from facebook api
graph explorer
instagram graph api

I am trying to execute B2C user creation on our company's Azure Directory. As reference, I use this site from Microsoft, and the .DotNet example in it.

I thoroughly follow the example, and I get to the point where I get authenticated, and I am able to extract the AD users in the directory. Here is the sample request I generated.

GET https ://

But when I get to the part of creating a sample user in the directory, I get the error response "One or more properties contains invalid values".

POST https ://

Here is the payload, I used, which is the exact same payload used in the site's example for user creation. This is in JSON format.

{"accountEnabled": true,"alternativeSignInNamesInfo": [{"type": "emailAddress", "value": ""}],"creationType": "NameCoexistence", "displayName": "Joe Consumer", "mailNickname": "joec","passwordProfile": {"password": "P@ssword!","forceChangePasswordNextLogin": false},"passwordPolicies": "DisablePasswordExpiration"}

This payload conforms with the requirements based on the User Creation requirements from Microsoft, also, it is the exact same payload in the site's example, which is why it is strange that I am receiving the a message that one of the properties has invalid values. The worse thing is, the response does not explicitly state which value is the source of the problem.

Any help would be appreciated.

I don't think this is possible on your company's Active Directory, you need to create a seperate B2C Active Directory.

Follow this tutorial to create a B2C directory:

Advanced - Graph API, nextLink - If your request returns a lot of data, you need to page through it by using the URL returned in @odata.nextLink . For details, see Paging. HTTP methods. Browse other questions tagged json azure-ad-graph-api azure-ad-b2c or ask your own question. Blog Requirements volatility is the core problem of software engineering

Do you have B2C tenant created and it has application that is created in Azure AD.

Can you please try this payload, it works fine for me.

  "accountEnabled": true,
  "signInNames": [
      "type": "emailAddress",
      "value": ""
  "creationType": "LocalAccount",
  "displayName": "karthikeyan",
  "mailNickname": "karthikeyan",
  "passwordProfile": {
    "password": "cads2016!",
    "forceChangePasswordNextLogin": false
  "passwordPolicies": "DisablePasswordExpiration",
  "city": "San Diego",
  "country": null,
  "facsimileTelephoneNumber": null,
  "givenName": "Joe",
  "mail": null,
  "mobile": null,
  "otherMails": [],
  "postalCode": "92130",
  "preferredLanguage": null,
  "state": "California",
  "streetAddress": null,
  "surname": "Consumer",
  "telephoneNumber": null,


Graph API User, For information about the latest updates, see the Microsoft Graph changelog. Functionality available only in Office 365 REST or Azure AD Graph APIs returned by the request by including a query parameter, for example:. The request object ID. string. application. App associated with the request. App. to. The recipient of the request. User. from. The sender associated with the request. This is only included for user to user requests. User. message. A string describing the request. string. created_time. Timestamp when the request was created. datetime

I got this error when trying to create a user with a sign in name where the type was set to userName and the value was actually an email address. I thought username would allow any arbitrary string, but apparently if you want to use an email as a username the type must be set to emailAddress before it will pass Microsoft's validation.

public class SignInNames
    public string type { get; set; }
    public string value { get; set; }

    public SignInNames(string userName)
        // Type must be 'emailAddress' (or 'userName')
        if (!string.IsNullOrWhiteSpace(userName) && userName.Contains("@"))
            this.type = "emailAddress";
            this.type = "userName";

        // The user email address
        this.value = userName;

Use the Microsoft Graph API, $request = new FacebookRequest($session, 'GET', '/{myobject}/insights', array('​period' => 'lifetime'));. will work for me I suspect it's my Access token- but I'm not​  Request body. Do not supply a request body for this method. Response. If successful, this method returns a 200 OK response code and a collection of credentialUserRegistrationDetails objects in the response body. Examples. The following example shows how to call this API. Request. The following is an example of the request.

Known issues with Microsoft Graph, Nodes. A node is an object returned from Graph like a user, page or event. If a page has an id of 1337 it can  However, due to a service issue, this API returns a 200 OK and a Boolean parameter that is always true. Until this is fixed, developers are simply advised to treat any 2xx return code as success for this API. Incomplete objects when using getByIds request. Requesting objects using Get directory objects from a list of IDs should return full objects.

Facebook PHP Graph API not returning complete data, token refer to:\n\nIf the access token expires, or the user de-authorizes your app, the API request will return  When a throttling threshold is exceeded, Microsoft Graph limits any further requests from that client for a period of time. When throttling occurs, Microsoft Graph returns HTTP status code 429 (Too many requests), and the requests fail. A suggested wait time is returned in the response header of the failed request.

Optimizing request queries to the Facebook Graph API :: Sammy , A simplistic definition of a Graph API is an API that models the data in terms The above request returns a response that has the post's caption,  Authentication with Azure AD: Every request to Azure AD Graph API must be authenticated by appending a JSON Web Token (JWT) in the Authorization header of the request. This token is acquired by making a request to Azure AD's token endpoint and providing valid credentials.

  • Thank you very much. I will try that and let you know how it goes.
  • i tried both but when i make separate B2C Active Directory i get Error insufficient privilege to complete operation, when i try Application reg. step mentioned in question i get error "One or more properties contains invalid values." pls help me which one to follow.