'Are nested groups supported?
Are nested groups supported in Azure B2C?
This page suggests there is some support, because it links to https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-limitations#restriction-on-nested-groups
If there are restrictions on them then I assume they are at least partially supported. Unfortunately that page no longer exists.
I couldn't find any information in MSFT docs about the status of this feature.
I've tried their User Voice, but the only thing I found is an entry about plain "Azure AD" (I thought that is supported already, but it appears it's not if there is an open request about it)
FWIW I cannot add a nested group in the way that's suggested by MSFT documentation. I don't see that option in the UI, though it lists "0 groups" as members.
Trying to add a group to another group via Graph API results in
{"error":{"code":"Request_BadRequest","message":"An invalid operation was included in the following modified references: 'members'.","innerError":{"date":"2022-04-20T15:32:34","request-id":"7d183819-019a-4f23-b31f-1765dcd7d44a","client-request-id":"7d183819-019a-4f23-b31f-1765dcd7d44a"}}}
Solution 1:[1]
After wrangling with MSFT support I got an answer that nested groups are not supported in B2C enabled tenants.
This can be done in Azure AD and not on the B2C AD. Adding a group as a member of another group in Azure AD B2C is not supported.
Solution 2:[2]
Azure AD has some support for nested groups.
B2C has no groups support. Typically, you assign the groups in Azure AD and then access them from B2C via Graph via REST API.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Jakub Bochenski |
| Solution 2 | rbrayb |