I want to query application roles and group claims from Azure Active Directory in my Angular 5 Web App. I want to give admins special permissions / access to pages. I have a registered a B2C App in Azure and a Microsoft App at https://apps.dev.microsoft.com and have tried querying data via Microsoft Graph with the MSAL.js.
I used the Application ID from my B2C Web App as the clientID, acquired a token, and called to the endpoint "https://graph.microsoft.com/v1.0/users". The data returns as an array with one user with my information. When I query the groups I get an empty array. My app right now has multiple test users, and a few groups.
It seems I am pulling data unrelated to my app in Azure. Am I querying the right source of data? Do I need to set other permissions or scopes?
I found a post that has useful info about group claims. I've tried applying it to my Angular App, but the .NET libraries seem more fleshed out than Angular's.
More information: It wasn't helpful, but I played around with registering an Active Directory App, created two apis (Microsoft Graph and Windows Azure Active Directory) and set required permissions for both. I tried to use that app's Application ID in MSAL.js with the Azure Graph Api endpoint "https://graph.windows.net" which was unsuccessful. I have played around with using the Graph Explorer but the most I was able to query was that one user.