Goal: Prevent the use of client ID and secrets when making calls to Graph API. Is either of the following possible?
- Use Azure Managed Identity (that has been given Microsoft Graph API permissions) in applications using Azure B2C for Authentication. Thus avoiding the use of client ID and secrets.
- If 1. is not possible, used Managed Identity (that has been given Microsoft Graph API permissions) in applications using Azure B2C for authentication to access secrets in Azure KeyVault.