Share via

Creating API permissions in Azure AD B2C, status doesn't change to "Granted for ..."

Scott Johnson 0 Reputation points
2024-06-13T16:23:18.2033333+00:00

I'm working with the Azure AD B2C using these instructions for my first build:

https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy

Under "granting permissions to the API scope". I waited about 10 minutes, selected the user_impersonation scope and saved it. I then waited another 10 or so minutes and the status doesn't change to "Granted for ...", it stays on "Not granted for ..."

What am I doing wrong?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akhilesh Vallamkonda 15,340 Reputation points Moderator
    2024-06-14T06:42:02.1366667+00:00

    Hi @Scott Johnson

    Thank you for post!

    I understand that you are trying to add Permission under API Permission with the scope you selected user_impersonation and you noticed that status doesn't change to Granted which shows in below screen shot.

    User's image As per the document you are referring the admin consent required to use the scope, you can grant the admin consent in same page which is show in below screen shot. User's imageOnce you grant admin consent by clicking yes, the status of API permission shows to green which as shows in the bellow.
    User's image

    Reference: https://learn.microsoft.com/en-us/azure/active-directory-b2c/app-registrations-training-guide#admin-consent-and-offline_accessopenid-scopes

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Akhilesh.

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.