Hi @mirza kamaludin, yes, it is possible to automatically authenticate users after they sign up using the Microsoft Graph API. One way to achieve this is by using the OAuth 2.0 Resource Owner Password Credentials Grant flow.
Here's how it works:
- After a user successfully registers through your custom process and their user record is created in Azure AD B2C via the Microsoft Graph API, you can make a call to the Azure AD B2C token endpoint to obtain an access token for the user using their newly created credentials.
- To obtain the access token, you will need to make a POST request to the token endpoint with the user's credentials and the appropriate parameters. The endpoint URL is `https://<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-policy-name>/oauth2/v2.0/token`.
- The response from the token endpoint will contain an access token that you can use to authenticate the user for subsequent requests to your web portal.
- You can store the access token in a secure cookie or local storage on the user's device, so that they don't have to log in again when they revisit your web portal.
Please note that the Resource Owner Password Credentials Grant flow is not recommended for public client applications, such as single-page applications (SPAs), because it requires the client to handle the user's credentials directly. Instead, you should consider using the Authorization Code Grant flow with PKCE for SPAs.
Please let me know if you have any questions and I can help you further.
If this answer helps you please mark "Accept Answer" so other users can reference it.
Thank you,
James
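
The token request and cookie step described in the answer above, sketched as a server-side Python example that is added here and is not part of James's answer. The tenant, policy and client ID are supplied by the caller; the function names and the `b2c_token` cookie name are assumptions, and the form parameters follow Microsoft's documented Azure AD B2C ROPC request.

```python
import json
import urllib.parse
import urllib.request
from http.cookies import SimpleCookie

TOKEN_URL = "https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token"


class TokenError(Exception):
    """Raised when the token endpoint returns an error or an unusable body."""


def build_token_request(tenant, policy, client_id, username, password):
    """Return (url, form-encoded body) for the ROPC token request."""
    url = TOKEN_URL.format(tenant=tenant, policy=policy)
    form = {
        "grant_type": "password",
        "client_id": client_id,
        "scope": f"openid {client_id} offline_access",
        "response_type": "token id_token",
        "username": username,
        "password": password,
    }
    return url, urllib.parse.urlencode(form).encode()


def parse_token_response(raw):
    """Validate the JSON body and return (access_token, lifetime_seconds)."""
    data = json.loads(raw)
    if "error" in data:
        # Surface the error code only; never log the submitted credentials.
        raise TokenError(data["error"])
    if data.get("token_type", "").lower() != "bearer" or not data.get("access_token"):
        raise TokenError("unexpected token response")
    return data["access_token"], int(data.get("expires_in", 0))


def session_cookie(access_token, lifetime):
    """Build a Set-Cookie value that page scripts cannot read and that is HTTPS-only."""
    cookie = SimpleCookie()
    cookie["b2c_token"] = access_token
    cookie["b2c_token"].update({"httponly": True, "secure": True,
                                "samesite": "Strict", "path": "/", "max-age": lifetime})
    return cookie["b2c_token"].OutputString()


def sign_in_after_signup(tenant, policy, client_id, username, password):
    """Server-side only: exchange the new credentials and return the cookie value."""
    url, body = build_token_request(tenant, policy, client_id, username, password)
    with urllib.request.urlopen(urllib.request.Request(url, data=body), timeout=10) as resp:
        return session_cookie(*parse_token_response(resp.read()))
```

Running the exchange on the server keeps the password out of browser code, and the `HttpOnly` cookie keeps the token out of reach of page scripts.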