Hi @Waqas Ahmed, thank you for your question. If you haven't already, I recommend starting with this GitHub sample. My colleague Amanpreet has a detailed writeup of validating an access token here.
Code for the Web App
In Startup.cs, the lines of code below enable the Microsoft identity platform endpoint. This endpoint is capable of signing in users both with their Work and School Accounts.
    services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAdB2C")
        .EnableTokenAcquisitionToCallDownstreamApi(new string[] { Configuration["TodoList:TodoListScope"] })
        .AddInMemoryTokenCaches();
- AddMicrosoftIdentityWebAppAuthentication: This enables your application to use the Microsoft identity platform endpoint. This endpoint is capable of signing in users both with their Work and School and Microsoft Personal accounts.
- EnableTokenAcquisitionToCallDownstreamApi: Enables the web app to call the protected API, ToDoList API.
- AddInMemoryTokenCaches: Adds an in-memory token cache provider, which will cache the Access Tokens acquired for the Web API.
Code for the Web API
In Startup.cs, the lines of code below protect the web API with the Microsoft identity platform.
    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddMicrosoftIdentityWebApi(options =>
        {
            Configuration.Bind("AzureAdB2C", options);
            options.TokenValidationParameters.NameClaimType = "name";
        },
        options => { Configuration.Bind("AzureAdB2C", options); });
The linked GitHub sample goes further into detail about the required code. Please let me know if you have any questions or if I misunderstood yours, and I can help you further.
If this answer helped you, please mark it as "Verified" so other users can reference it.
Thank you,
James
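
How a controller in the web API can build on the registration shown in the answer, as an added example that is not part of James's answer or the linked sample: `AddMicrosoftIdentityWebApi` validates the bearer token, and the controller additionally requires a specific scope so that a valid token issued for some other permission is rejected. The namespace, controller name, route and the scope name `access_as_user` are assumptions.

```csharp
// Added example (not from the original answer or the GitHub sample).
using System.Collections.Generic;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Identity.Web.Resource;

namespace TodoListService.Controllers // hypothetical namespace
{
    // [Authorize] rejects any request whose bearer token did not pass the
    // JwtBearer validation registered by AddMicrosoftIdentityWebApi.
    [Authorize]
    [ApiController]
    [Route("api/[controller]")]
    public class TodoListController : ControllerBase
    {
        // Assumption: the API's app registration exposes a delegated scope
        // with this name, and the web app requests it through the
        // "TodoList:TodoListScope" configuration value.
        private static readonly string[] AcceptedScopes = { "access_as_user" };

        [HttpGet]
        public ActionResult<IEnumerable<string>> Get()
        {
            // Authentication alone only proves the token is valid for this API.
            // This check rejects the request unless the token's scope claim
            // contains one of the accepted scopes.
            HttpContext.VerifyUserHasAnyAcceptedScope(AcceptedScopes);

            // Because NameClaimType is set to "name" in Startup.cs,
            // User.Identity.Name is read from the token's "name" claim.
            var caller = User.Identity?.Name ?? "(no name claim)";

            // Constructed sample payload; a real API would query its own store.
            return Ok(new[] { $"Sample to-do item for {caller}" });
        }
    }
}
```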