How can I make it so users get automatically logged in after they sign up using the Microsoft Graph API?

mirza kamaludin 0 Reputation points
2023-11-10T02:19:20.1566667+00:00

Hey everyone, hope you're having an awesome day!

So, I've got this web portal built with React.js, and I'm using Azure AD B2C for handling users and authentication. I've decided to create my own custom process for user registration instead of using the default one from Azure AD B2C (like user flow or custom policy). To do this, I'm planning to make a call to the Microsoft Graph API to create a user record in AD B2C.

Now, after a successful registration, I want users to be automatically authenticated, meaning they don't have to go back to the login page for authentication. Any ideas on how I can make this happen? Is it even possible?


1 answer

  1. James Hamil 22,886 Reputation points Microsoft Employee
    2023-11-29T23:06:34.5833333+00:00

    Hi @mirza kamaludin, yes, it is possible to automatically authenticate users after they sign up using the Microsoft Graph API. One way to achieve this is by using the OAuth 2.0 Resource Owner Password Credentials Grant flow.

    Here's how it works:

    1. After a user successfully registers through your custom process and their user record is created in Azure AD B2C via the Microsoft Graph API, you can make a call to the Azure AD B2C token endpoint to obtain an access token for the user using their newly created credentials.
    2. To obtain the access token, you will need to make a POST request to the token endpoint with the user's credentials and the appropriate parameters. The endpoint URL is https://<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-policy-name>/oauth2/v2.0/token.
    3. The response from the token endpoint will contain an access token that you can use to authenticate the user for subsequent requests to your web portal.
    4. You can store the access token in a secure cookie or local storage on the user's device, so that they don't have to log in again when they revisit your web portal.

    Please note that the Resource Owner Password Credentials Grant flow is not recommended for public client applications, such as single-page applications (SPAs), because it requires the client to handle the user's credentials directly. Instead, you should consider using the Authorization Code Grant flow with PKCE for SPAs.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you, please mark "Accept Answer" so other users can reference it.

    Thank you,

    James
