Tags: azure, .net-core, azure-ad-b2c, pingfederate, identity-provider

Local user accounts not created properly in Azure AD B2C


I have an Azure AD B2C tenant and there are 2 app registrations under it: one for my API and another for my UI application.

My identity provider is Ping Federate and my login is working correctly.

One thing which I have spotted here: even though my login process is happening through PING, there is a local account created in Azure AD B2C as well. The only thing which I can connect between the AD B2C account and the PING Federate user is its ID. There are a lot of fields for Azure AD B2C local accounts. Those fields are not populated. Only the ID and issuer are populated.

  1. My question is: when is Azure creating this local user? Because I have users only in PING.
  2. What is the purpose of creating this user in Azure AD B2C, as authentication is happening in PING?
  3. Is there an option to control this behavior? For example, if Azure is creating a local user for each PING user, I need to populate all the fields and properties from PING into this local user account too, like first name and last name.

Excuse me for the last question that I am going to ask. Is there any way to create an implementation like this: if I create an account in AD B2C, the same should automatically be created in PING also?


Solution

  • When you federate in B2C, you create a shadow account, not a local account.

    Shadow accounts are usually created in a custom policy by calling “AAD-UserWriteUsingAlternativeSecurityId”, which writes the user entry using “AlternativeSecurityId” (the federated version of the local account “objectId”).

    The purpose of this is to act as a placeholder for the user in B2C.

    I wrote a post describing how to remove this.

    If you would like to populate some fields from Ping, you need to add them to the shadow account.
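As an added illustration (not code from the answer author or from the B2C starter pack verbatim), the two custom-policy fragments below show where the fields travel: the federated IdP technical profile must output the name claims from the Ping token, and the "AAD-UserWriteUsingAlternativeSecurityId" profile must list them as PersistedClaims, otherwise the shadow account only ever gets the alternativeSecurityId (the ID and issuer seen in the question). The Ping profile Id "PingFederate-OpenIdConnect" and the token claim names (given_name, family_name, name) are assumptions and must match what your Ping Federate connection actually issues.

```xml
<!-- Added illustration, not from the answer. Ping profile Id and token claim names are assumptions. -->

<!-- 1. Federated IdP profile: map the Ping token claims into B2C claim types so they exist
        in the claims bag by the time the shadow account is written. -->
<TechnicalProfile Id="PingFederate-OpenIdConnect">
  <DisplayName>Ping Federate</DisplayName>
  <Protocol Name="OpenIdConnect" />
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="sub" />
    <OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name" />
    <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="family_name" />
    <OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name" />
    <OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="pingfederate" AlwaysUseDefaultValue="true" />
    <OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication" AlwaysUseDefaultValue="true" />
  </OutputClaims>
  <OutputClaimsTransformations>
    <!-- Standard starter-pack transformation: builds AlternativeSecurityId from identityProvider + issuerUserId -->
    <OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId" />
  </OutputClaimsTransformations>
</TechnicalProfile>

<!-- 2. Shadow-account write, the profile the answer names. Only claims listed under PersistedClaims
        are stored on the B2C user object; givenName and surname are the first/last name fields
        the question asks about. A claim that is absent here is silently never written. -->
<TechnicalProfile Id="AAD-UserWriteUsingAlternativeSecurityId">
  <Metadata>
    <Item Key="Operation">Write</Item>
    <Item Key="RaiseErrorIfClaimsPrincipalAlreadyExists">true</Item>
  </Metadata>
  <InputClaims>
    <!-- The federated key; this is the "ID" that links the shadow account to the Ping user -->
    <InputClaim ClaimTypeReferenceId="AlternativeSecurityId" PartnerClaimType="alternativeSecurityId" Required="true" />
  </InputClaims>
  <PersistedClaims>
    <PersistedClaim ClaimTypeReferenceId="alternativeSecurityId" />
    <PersistedClaim ClaimTypeReferenceId="userPrincipalName" />
    <PersistedClaim ClaimTypeReferenceId="mailNickName" DefaultValue="unknown" />
    <PersistedClaim ClaimTypeReferenceId="displayName" DefaultValue="unknown" />
    <PersistedClaim ClaimTypeReferenceId="givenName" />
    <PersistedClaim ClaimTypeReferenceId="surname" />
  </PersistedClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="objectId" />
    <OutputClaim ClaimTypeReferenceId="newUser" PartnerClaimType="newClaimsPrincipalCreated" />
  </OutputClaims>
  <IncludeTechnicalProfile ReferenceId="AAD-Common" />
</TechnicalProfile>
```

Each claim type referenced here (givenName, surname, displayName, issuerUserId) must also be declared in the policy's ClaimsSchema, and userPrincipalName is normally produced by the starter pack's CreateRandomUPNUserName/CreateUserPrincipalName transformations on the IdP profile.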