Right usage of “acquireTokenSilent” (MSAL) from SPA, when using Azure AD B2C

2
votes

Setup:

  • Client Web UI as SPA (Angular), using MSAL;
  • Web API (REST) as ASP.NET Core (.NET Framework);
  • Azure AD B2C with App registrations for the above, having defined one scope on the Web API, to be consumed by the Web UI;

Questions:

  • When I want to make use of local token caching, do I have to add a User object as additional param to the acquireTokenSilent call? (None of the code samples is using the User object as param, so I was wondering what the correct usage is?)
  • I saw samples, where the Client ID is used instead of scopes. Is this a supported scenario and if so, when specifically?

Thanks, OliverB

1
azure-ad-b2cmsal
SO is not about asking how you write your code.Elmer Dantas
Right, it is not really about how to write the code. I know the API to use, but I do not know the correct parametrization. (Sorry, this is my very 1st question on Stack Overflow, so I have to improve my question writing...)OliverB
no need for excuses...my comment was just to let you know what your question seems like. Put more details about your problem, what you have and what you wanna achieve...this will help people helps you.Elmer Dantas

1 Answers

0
votes

You can use the Client Id instead of scopes when the Web API you are calling to acquire a token wouldn't not accept an access token: in this case, msal.js will use the ID token to query the Web API.