I’ve implemented Azure B2C for user login/logout and can get the id_token and pass it to my web API for authorization, all works well. Now, I have some Web API methods that should be only accessed by the client web application (ASP.NET 4.6) which means OAuth 2.0 "client credentials grant". I’ve done a lot of research and the closest I could find is this quick-start which uses ADAL in a B2C application to call Graph API.
I followed along and got to the point where I’m trying to get the client access token as in the below code. However, no matter what I pass to the AcquireToken method as the resource I keep getting an error that the application name I’m passing doesn’t exist in the tenant. I’m actually not sure what should I pass, since in the B2C world you do not register your Web API as an application but rather you have one application ID for all your Apps.
Is the above scenario supported, and how can I do it?
public async Task<string> SendGraphGetRequest(string api, string query)
{
// First, use ADAL to acquire a token by using the app's identity (the credential)
// The first parameter is the resource we want an access_token for; in this case, the Graph API.
//*** In my case I want to replace the graph API URL with my own WebAPI
AuthenticationResult result = authContext.AcquireToken("https://graph.windows.net", credential);
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 冷血范 的文章《Azure B2C client credentials grant》','https://www.manongdao.com/article-960228.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}