In this link: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations there is a field called mailNickname which adds email alias for a user in active directory.
My organization uses this. So, 1 user will have 2 mail IDs ([email protected] and [email protected])
How do I get the alias list of a user through an API from the azure active directory?
We have implemented a web app with Single Sign On and the above problem leads to the same user creating 2 different accounts and both are not connected.
Any help is appreciated.
You are mixing user alias with list of user e-mail addresses. E-mail alias is unique value which identifies user mailbox, it is not necessary part of its e-mail, usually it is. It is name used when user is accessing its mailbox with POP or IMAP.
E-mail addresses what you call aliases is collection of e-mail addresses stored in proyAddresses: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#user-entity
You should not use e-mail as a property to identify a user but userPrincipalName (UPN) as this is a value which is being used to identify a user. UPN is usually same as e-mail but again - it doesn't have to be.
User UPN however might also change. It can do this and it happens, so if you want to store this information somewhere, instead of the UPN obtain user's objectId and store it.
If you are implementing SSO based on Azure AD you should use library like ADAL.NET - it is handling all these operations for you: https://learn.microsoft.com/en-us/azure/active-directory/active-directory-authentication-libraries