Hi @Sateesh Kumar Sharma • Thank you for reaching out.
In the B2C directory, to get the custom app role in the token acquired using Client_Credentials flow, you need to update the application manifest as the app roles and token configuration blade are not available in the B2C tenant.
- First, you need to add the app role in the application manifest, as mentioned below:
  ```json
  "appRoles": [
    {
      "allowedMemberTypes": [
        "Application"
      ],
      "description": "Test all aspects of the application",
      "displayName": "Tester",
      "id": "a0e9939a-e77b-4ec3-94b3-a6d2d33bcbde",
      "isEnabled": true,
      "lang": null,
      "origin": "Application",
      "value": "test.all"
    }
  ],
  ```
- Once the manifest is updated, go to the Expose an API blade of the application and set the Application ID URI.
- Then go to API Permissions blade > Add a permission > My APIs > Select the application whose manifest you updated.
- Select Application permissions > select required permissions > Add permission.
- Use client credentials flow to acquire the token:
- Decode the token at jwt.ms and notice the roles claim includes the permission, as shown below:
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
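
The last two steps above, as an added Python example that is not part of the original answer: it builds the client credentials request body and then checks the `roles` claim locally, the way jwt.ms displays it. The function names, the `contoso` tenant, the `/api` Application ID URI and the sample token are constructed assumptions; the decode step does not verify the signature, so it is for inspection only and the receiving API must still validate the token before trusting `roles`.

```python
import base64
import json
from urllib.parse import urlencode


def client_credentials_form(client_id, client_secret, app_id_uri):
    """Form body for the OAuth 2.0 client credentials token request."""
    return urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        # Application permissions are requested via "<App ID URI>/.default".
        "scope": app_id_uri.rstrip("/") + "/.default",
    })


def decode_claims(token):
    """Decode the JWT payload for inspection only; no signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore padding
    return json.loads(base64.urlsafe_b64decode(payload))


def has_app_role(token, role):
    """True if the token's roles claim contains the given app role value."""
    roles = decode_claims(token).get("roles", [])
    if isinstance(roles, str):  # tolerate a single string value
        roles = [roles]
    return role in roles


def b64url(obj):
    """Helper used only to build the constructed sample token below."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample token (fake signature, placeholder tenant "contoso").
SAMPLE_TOKEN = ".".join([
    b64url({"alg": "RS256", "typ": "JWT"}),
    b64url({"aud": "00000000-0000-0000-0000-000000000000", "roles": ["test.all"]}),
    "constructed-signature",
])

if __name__ == "__main__":
    print(client_credentials_form("<client-id>", "<secret>", "https://contoso.onmicrosoft.com/api"))
    print(decode_claims(SAMPLE_TOKEN)["roles"])
```

If `roles` is missing from a real token, check that the application permission was added under API Permissions and that the request used the `/.default` scope of the API whose manifest carries the app role.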