Azure B2C: Allowing an authenticated user to access the Microsoft Graph API

Jared Romano 6 Reputation points
2020-09-29T22:19:12.09+00:00

I am trying to get delegated scopes for Microsoft graph to allow an authenticated user to log in and search for other users in an Azure B2C tenant, but can't get it to work.

I have an Asp.net Core application that is configured to use a Multi-tenant app registration in an Azure B2C tenant. I am using the Microsoft.Identity.Web library for authentication . I have been following the tutorials in https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2, however, there doesn't seem to be a tutorial oh how to use the Graph API specifically for using Azure B2C. The tutorials are not helpful since you cant setup delegate permissions in a multi-tenant application. Are there any examples I can use or guidance to get this to work?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,602 questions
Azure Active Directory External Identities
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Alfredo Revilla (MSFT) 15,656 Reputation points Microsoft Employee
    2020-09-30T18:36:20.473+00:00

    MS Graph operations are available only trough standard Azure AD (Non B2C) app registrations. The best is to create them under the Azure Active Directory node. Only Azure AD (Non B2C) users will be able to request such pernmissions.

    --
    Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.