Share via

Obtained access token v.1.0 instead v2.0 with B2C user flow

Maria Senkiv 46 Reputation points
2021-09-10T16:03:37.16+00:00

Hello team,
I've registered two applications in my B2C tenant that support user flows. One application exposes Web API (both Delegated and Application scopes are exposed). Second application is web application that has permission to access my Web API. Web application is configured to support implicit flow to get access token. For implicit flow I'm using the endpoint like this "https://<my_organization>.b2clogin.com/<my_organization>.onmicrosoft.com/b2c_1_user_sign_up_sign_in/oauth2/v2.0/authorize", Web API application has in its manifest file ""accessTokenAcceptedVersion": 2" but still receive access token v 1.0, could you please point me out what I'm doing wrong?

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
0 comments
Answer accepted by question author
  1. Siva-kumar-selvaraj 15,736 Reputation points Volunteer Moderator
    2021-09-13T08:09:10.27+00:00

    Hello @Maria Senkiv ,

    Thanks for reaching out.

    This is by design behavior whereas Microsoft identity platform Azure AD endpoint can issue v1.0 tokens and v2.0 tokens based on "accessTokenAcceptedVersion attribute" but B2C endpoint token are always issued as V1 access token.

    Hope this helps.

    ---
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.