How to get all Azure AD account list using token generated by user_impersonation scope on /common endpoint

0
votes

As Azure AD authentication document have defined way to get token using /common end point as below.

https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow

I am able to get access_token (using /common endpoint), but now I am looking for API or way to get tenant/account wise token to access subscription of respective tenant

I see Microsoft is doing it for Azure Rest API Testing. You can hit "Try It" button and after login you will have all the Azure AD account to which you belongs and token tenant wise (You can review /accesstoken endpoint in browser console)

https://docs.microsoft.com/en-us/rest/api/resources/subscriptions/list#code-try-0

How I can achieve same as below screenshot.

enter image description here

Note: I do not have user tenant list, by which I can get tenant wise access_token

2
azureazure-active-directoryazure-ad-b2cazure-ad-graph-api

2 Answers

0
votes

There's a REST API to get the list of tenants (Azure ADs) a user is part of. You can find details about this API here: https://docs.microsoft.com/en-us/rest/api/resources/tenants/list.

0
votes

You can get tenant wise subscription list from passing particular tenant id when getting access token.

var accessToken =
                await tokenAcquisition.GetAccessTokenForUserAsync(new[] { $"{ArmApiOperationService.ArmResource}user_impersonation" }, tenantid);

But ms doc using another method '.TokenAuthCookies' cookie header when requesting from 'https://token.docs.microsoft.com/accesstokens'. We have generate tokencookie when we sign with open id. Did you find a way for that already?