截至今天，文档建议使用 Microsoft Graph 而不是 Azure AD Graph API 来访问 Azure AD/B2C 资源.

以前，使用 Azure AD Graph API，我们可以使用类似的查询

以上内容适用于内置策略.

As of today the documentation recommends to use Microsoft Graph instead of Azure AD Graph API to access Azure AD / B2C resources.

Before, with Azure AD Graph API, we could use queries like https://graph.windows.net/[tenant]/users/1a2a9c4d-fc59-4fd9-ad14-b72b549cdf6a?api-version=2013-11-08

and the response included Azure B2C custom attributes (created on Azure portal)

{
        "odata.metadata": "https://graph.windows.net/<tenant>/$metadata#directoryObjects/Microsoft.DirectoryServices.User",
        "value": [
            {
                "objectId": "00000eab-603a-4de2-9d25-d3821e7d6583",
                ...
                "extension_3a4189d71ad149c6ab5e65ac45bd6add_MyAttribute1": "something"
            }
        ] 
}

This does not happen with the Graph API, only some "basic" attributes are returned https://graph.microsoft.com/v1.0/users/00000eab-603a-4de2-9d25-d3821e7d6583

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
    "id": "00000eab-603a-4de2-9d25-d3821e7d6583",
    ...
}

Also tried to explicitly select the property but the extension value is not returned

...graph.microsoft.com/v1.0/users/00000eab-603a-4de2-9d25-d3821e7d6583/?$select=id,extension_3a4189d71ad149c6ab5e65ac45bd6add_MyAttribute1

How can we read Azure B2C custom attributes with Graph API?

Custom attributes are returned:

Request

GET https://graph.windows.net/mytenant.onmicrosoft.com/users/8b2ceb5d-4f45-4e42-b979-419119df4eaf?api-version=1.6

Response

{
      "odata.type": "Microsoft.DirectoryServices.User",
      "objectType": "User",
      "objectId": "8b2ceb5d-4f45-4e42-b979-419119df4eaf",
      ...
      "userType": "Member",
      "extension_5c5668a4ddb44c27b0d55cb412c41787_loyaltyId": "some value from the demo"
}

Source: this is from the sample app: B2C-GraphAPI-DotNet

Lookup Extension Guid via the Azure Portal

The above is for builtin in policies.