Obtained access token v.1.0 instead v2.0 with B2C user flow

Maria Senkiv 46 Reputation points
2021-09-10T16:03:37.16+00:00

Hello team,
I've registered two applications in my B2C tenant that support user flows. One application exposes Web API (both Delegated and Application scopes are exposed). Second application is web application that has permission to access my Web API. Web application is configured to support implicit flow to get access token. For implicit flow I'm using the endpoint like this "https://<my_organization>.b2clogin.com/<my_organization>.onmicrosoft.com/b2c_1_user_sign_up_sign_in/oauth2/v2.0/authorize", Web API application has in its manifest file ""accessTokenAcceptedVersion": 2" but still receive access token v 1.0, could you please point me out what I'm doing wrong?

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,955 questions
0 comments No comments
{count} votes

Accepted answer
  1. Siva-kumar-selvaraj 15,671 Reputation points
    2021-09-13T08:09:10.27+00:00

    Hello @Maria Senkiv ,

    Thanks for reaching out.

    This is by design behavior whereas Microsoft identity platform Azure AD endpoint can issue v1.0 tokens and v2.0 tokens based on "accessTokenAcceptedVersion attribute" but B2C endpoint token are always issued as V1 access token.

    Hope this helps.

    ---
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.