Microsoft Graph client error : Authentication challenge is required error

ajit goel 1 Reputation point
2021-04-11T22:48:43.043+00:00

Tagging @AmanpreetSingh-MSFT for help.

I am working on a Blazor server side .Net 5.0 application that allows a user to delete a user from Azure AD B2C after he has logged in. I am using the information contained in this article. I am getting a Message: Authentication challenge is required. error.

What could I be missing?

Code to delete user using Azure AD B2C:

using Microsoft.Graph;  
using Microsoft.Graph.Auth;  
using Microsoft.Identity.Client;  
public async Task DeleteUser(string id)  
  
        {  
            var confidentialClientApplication = ConfidentialClientApplicationBuilder  
                .Create(this.azureADB2C.ClientId)  
                .WithRedirectUri(this.azureADB2C.RedirectUri)  
                .WithClientSecret(this.azureADB2C.ClientSecret)  
                .Build();  
            var authorizationCodeProvider = new AuthorizationCodeProvider(confidentialClientApplication);  
            var graphClient = new GraphServiceClient( authorizationCodeProvider );  
            await graphClient.Users[id].Request().DeleteAsync();  
        }  

AppSettings.json:

"AzureADB2C": {  
    "Instance": "https://InstaTranscribe.b2clogin.com/",  
    "Domain": "InstaTranscribe.onmicrosoft.com",  
    "ClientId": "<ClientId>",  
    "SignUpSignInPolicyId": "B2C_1_SignUpSignInUserFlow",  
    "ResetPasswordPolicyId": "B2C_1_PasswordResetUserFlow",  
    "EditProfilePolicyId": "B2C_1_ProfileEditingUserFlow",  
    "CallbackPath": "/signin-oidc",  
    "RedirectUri": "http://localhost:20000/signin-oidc",  
    "ClientSecret": "<ClientSecret>"  
  },   

Platform Configuration:

86633-5x86v.png

API Permissions

86560-sb2zm.png

Exception Stack:

Status Code: 0  
Microsoft.Graph.ServiceException: Code: generalException  
Message: An error occurred sending the request.  
  
 ---> Microsoft.Graph.Auth.AuthenticationException: Code: authenticationChallengeRequired  
Message: Authentication challenge is required.  
  
   at Microsoft.Graph.Auth.AuthorizationCodeProvider.AuthenticateRequestAsync(HttpRequestMessage httpRequestMessage)  
   at Microsoft.Graph.AuthenticationHandler.SendAsync(HttpRequestMessage httpRequestMessage, CancellationToken cancellationToken)  
   at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)  
   at Microsoft.Graph.HttpProvider.SendRequestAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)  
   --- End of inner exception stack trace ---  
   at Microsoft.Graph.HttpProvider.SendRequestAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)  
   at Microsoft.Graph.HttpProvider.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)  
   at Microsoft.Graph.BaseRequest.SendRequestAsync(Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)  
   at Microsoft.Graph.BaseRequest.SendAsync[T](Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)  
   at Microsoft.Graph.UserRequest.DeleteAsync(CancellationToken cancellationToken)  
   at Services.SecurityService.DeleteUser(String id) in C:\temp\InstaTranscribeServerSide\Services\SecurityService.cs:line 109  
   at InstaTranscribeServerSide.Pages.DeleteAccountComponent.EditForm_OnValidSubmit() in C:\temp\InstaTranscribeServerSide\server\Pages\DeleteAccount.razor.designer.cs:line 62  
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,598 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,947 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Nandeesh Swami-MSFT 1 Reputation point Microsoft Employee
    2021-04-21T17:21:41.457+00:00

    Hi,

    Looking at your description, you need ClientCredentialProvider not AuthorizationCodeProvider. Couple of points to verify is Admin Consent and Application Permission in App Registration.
    Let me know if you have any further queries.

    0 comments No comments