Where is the API documentation? How do I perform some operations?

Leonardo Ferreira 26 Reputation points
2020-07-01T21:04:45.367+00:00

I would like to know which API I should call to:

  1. Self-Service register a new user
  2. Login

My native app has the screens for each of these and I don't want to use web-views.

I want to PUT /adb2c/Users {email:a@a.com, pass:bla, ... other info ... } and bam! the user is created and later login like POST /adb2c/Users/Login {login:abcd, pass:bla} and get an access token...

How can I do that?

Microsoft Entra ID

1 answer

  1. Shashi Shailaj 7,581 Reputation points Microsoft Employee
    2020-07-02T04:33:19.163+00:00

    Hello @LeonardoFerreira-1113,

    You can call the Microsoft Graph API to interact with your B2C tenant. Please check out the links on the Microsoft Graph Authentication Overview article for more information on how to authenticate to Graph and get an auth token for operations. You can use the Create user API function to create the user. In order to do this you would need to have a Graph application registered in your B2C tenant. More information about working with User objects can be found here. Start with the Basic authentication concepts here in order to understand how to get the auth tokens. There is a Native desktop App tutorial for Azure AD B2C which you can test this with. It is a native WPF app sample based on .NET which you can download from the linked GitHub repo. I am not sure which language you are using but this would give you some idea on how the operations work which you are looking for.

    As per your request I believed that you were trying to use complete Modern authentication architecture within your native app; however, as I understand, you require a username/password flow where your app will collect the credentials for the user and send the API request to the Azure AD auth system. In this case you actually need to use the ROPC OAuth flow with Azure AD for authentication. In other OAuth authentication flows, we provide an embedded web view where the credential is directly provided by the user on the Microsoft provided login page and the login screen within the application is designed to show the webview. But if you use the ROPC OAuth authentication flow with Azure AD, you can collect the username and password for the user and then send it to the Azure AD auth endpoint https://login.microsoftonline.com/{Tenant ID or name}/oauth2/v2.0 . For Azure AD B2C specific ROPC setup, please check the MSAL.NET B2C considerations article. The following request flow diagram explains how ROPC will work. The client referred to in the screenshot is your desktop application.

    11311-ropc2.jpg

    However, you cannot use this with Microsoft Accounts (Live ID, Outlook.com or hotmail.com ID, Xbox Live etc.). And there are other limitations with this flow: you cannot leverage modern authentication techniques like conditional access and MFA, hence it's not considered as safe as other flows. If a user who has MFA enabled on their account tries to log on to your app, they won't be able to sign in, and this is by design. The application would not benefit from single sign-on as well. As per our documentation for ROPC, you can see the details as marked in the screenshot below.

    11301-ropc.jpg

    There is a working sample for the ROPC flow which you can test. If there are any issues with the sample, you can always open an issue within the repo on GitHub. You can read more on supported OAuth authentication flows with Azure AD. I believe the related links would give you a detailed idea about how you can use the ROPC flow with Azure AD within your desktop application and what limitations you will face within your user applications. As mentioned on the ROPC page, it is mostly used in some devops scenarios.

    Hope the above information clarifies your queries. I have linked the articles within the answer. I would suggest you go through the links, and they will definitely help you. In case the information in this post is helpful, please do accept it as the answer so that it can help other members of the community. If you still have any other queries, please do let us know and we will be happy to help.

    Thank you.

    1 person found this answer helpful.
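The ROPC exchange described in the answer, as an added example (not code from the answer or from the linked Microsoft samples): it builds the form-encoded token request for the Azure AD v2.0 token endpoint and classifies the response, including the MFA case that ROPC cannot complete. The tenant, client ID, account, password and all three response bodies are constructed placeholders; nothing is sent over the network.

```python
import json
from urllib.parse import urlencode

AUTHORITY = "https://login.microsoftonline.com"
# AADSTS codes meaning MFA is required or must be enrolled; ROPC cannot satisfy either.
MFA_CODES = {50076, 50079}

def build_ropc_request(tenant, client_id, username, password, scope):
    """Return (url, headers, body) for an ROPC token request; nothing is sent."""
    url = f"{AUTHORITY}/{tenant}/oauth2/v2.0/token"
    body = urlencode({
        "grant_type": "password",   # the resource owner password credentials grant
        "client_id": client_id,
        "scope": scope,
        "username": username,
        "password": password,       # the app handles the raw password: never log it
    })
    return url, {"Content-Type": "application/x-www-form-urlencoded"}, body

def classify_token_response(status, raw_body):
    """Map a token-endpoint response to ok / mfa_required / failed."""
    data = json.loads(raw_body)
    if status == 200 and "access_token" in data:
        return {"result": "ok", "expires_in": data.get("expires_in")}
    codes = set(data.get("error_codes", []))
    if codes & MFA_CODES or data.get("error") == "interaction_required":
        # By design: fall back to an interactive (browser) flow for this user.
        return {"result": "mfa_required", "error": data.get("error")}
    return {"result": "failed", "error": data.get("error", "unknown")}

# Constructed sample responses (token value and descriptions are placeholders).
SAMPLE_OK = json.dumps({"token_type": "Bearer", "expires_in": 3599,
                        "access_token": "PLACEHOLDER.TOKEN.VALUE"})
SAMPLE_MFA = json.dumps({"error": "invalid_grant", "error_codes": [50076],
                         "error_description": "AADSTS50076: (constructed)"})
SAMPLE_BAD = json.dumps({"error": "invalid_grant", "error_codes": [50126],
                         "error_description": "AADSTS50126: (constructed)"})

if __name__ == "__main__":
    url, _, body = build_ropc_request(
        "contoso.onmicrosoft.com", "00000000-0000-0000-0000-000000000000",
        "user@contoso.onmicrosoft.com", "placeholder-password", "openid offline_access")
    print("POST", url)
    print(body.replace("placeholder-password", "***"))  # redact before printing
    for status, raw in ((200, SAMPLE_OK), (400, SAMPLE_MFA), (400, SAMPLE_BAD)):
        print(status, classify_token_response(status, raw))
```
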