How can I make it so users get automatically logged in after they sign up using the Microsoft Graph API?

Muhammad Mirza Bin Kamaludin 0 Reputation points
2023-11-10T02:19:20.1566667+00:00

Hey everyone, hope you're having an awesome day!

So, I've got this web portal built with React.js, and I'm using Azure AD B2C for handling users and authentication. I've decided to create my own custom process for user registration instead of using the default one from Azure AD B2C (like user flow or custom policy). To do this, I'm planning to make a call to the Microsoft Graph API to create a user record in AD B2C.

Now, after a successful registration, I want users to be automatically authenticated, meaning they don't have to go back to the login page for authentication. Any ideas on how I can make this happen? Is it even possible?


1 answer

James Hamil 27,211 Reputation points Microsoft Employee Moderator
2023-11-29T23:06:34.5833333+00:00

Hi @Muhammad Mirza Bin Kamaludin, yes, it is possible to automatically authenticate users after they sign up using the Microsoft Graph API. One way to achieve this is by using the OAuth 2.0 Resource Owner Password Credentials Grant flow.

Here's how it works:

1. After a user successfully registers through your custom process and their user record is created in Azure AD B2C via the Microsoft Graph API, you can make a call to the Azure AD B2C token endpoint to obtain an access token for the user using their newly created credentials.
2. To obtain the access token, you will need to make a POST request to the token endpoint with the user's credentials and the appropriate parameters. The endpoint URL is https://<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-policy-name>/oauth2/v2.0/token.
3. The response from the token endpoint will contain an access token that you can use to authenticate the user for subsequent requests to your web portal.
4. You can store the access token in a secure cookie or local storage on the user's device, so that they don't have to log in again when they revisit your web portal.

Please note that the Resource Owner Password Credentials Grant flow is not recommended for public client applications, such as single-page applications (SPAs), because it requires the client to handle the user's credentials directly. Instead, you should consider using the Authorization Code Grant flow with PKCE for SPAs.

Please let me know if you have any questions and I can help you further.

If this answer helps you please mark "Accept Answer" so other users can reference it.

Thank you,

James
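An added example, not code from the question or the answer above: the token request of step 2 run from the portal's own backend (Node 18+, global `fetch`), which is where the answer's caveat about public clients puts it, followed by the session cookie of step 4 set server-side so the React app never holds the password or the raw token. The tenant name, policy name, client id and the `signInNewUser`/`sessionCookie` helper names are assumptions for illustration, not values from the page.

```javascript
// Added example (not code from the question or the answer): the ROPC token request
// of step 2 done from the portal backend, after the Graph API call created the user.
// Requires Node 18+ for the global fetch. Tenant, policy and client id are
// placeholders, not values from the page.

function buildRopcTokenRequest({ tenant, policy, clientId, username, password }) {
  // Endpoint shape quoted in the answer.
  const url = `https://${tenant}.b2clogin.com/${tenant}.onmicrosoft.com/${policy}/oauth2/v2.0/token`;
  // Form body of the Resource Owner Password Credentials grant against B2C.
  const body = new URLSearchParams({
    grant_type: 'password',
    username,
    password,
    client_id: clientId,
    scope: `openid ${clientId} offline_access`,
    response_type: 'token id_token',
  });
  return { url, body };
}

async function signInNewUser(params, fetchImpl = fetch) {
  const { url, body } = buildRopcTokenRequest(params);
  const res = await fetchImpl(url, {
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: body.toString(),
  });
  const json = await res.json();
  if (!res.ok || json.error) {
    // Surface only the OAuth error code; error_description can echo user input.
    throw new Error(`token request failed: ${json.error || res.status}`);
  }
  return {
    accessToken: json.access_token,
    idToken: json.id_token,
    expiresIn: Number(json.expires_in),
  };
}

// Step 4 without exposing the token to page script: a session cookie set by the backend.
function sessionCookie(accessToken, expiresIn) {
  return `portal_session=${encodeURIComponent(accessToken)}; Max-Age=${expiresIn}` +
    '; Path=/; Secure; HttpOnly; SameSite=Lax';
}
```

The backend calls `signInNewUser` right after the Graph API user creation succeeds and returns the `Set-Cookie` header from `sessionCookie` to the browser.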

