2
votes

I have the following requirement:

  1. Create a user on AD B2C.
  2. Using the credentials of that user, I need to get an access token and refresh token to access an existing API (REST service).

The Active Directory here is Azure AD.

I am new to OAuth and Azure. Please suggest the steps and configuration to achieve this (I do not want any user interaction to get the access token and refresh token). Creating a user is clear to me, but if it requires any specific type of user or any required permissions, please suggest those.

1
Are you sure you need a user account here and not a service principal? - Martin Brandl
I need to create a user because the application is multi-tenant; if a service principal can be created per tenant, I am OK with that too (but creating a user would be more helpful). @MartinBrandl - asvni

1 Answer

0
votes

To me, it sounds like your use case can be better realized with a service principal. If you don't need a user context, consider using an SP instead. See: Microsoft identity platform and the OAuth 2.0 client credentials flow

If for whatever reason you want to stick to non-interactive user login, you can use the Resource Owner Password Credentials flow. But be aware that:

Microsoft recommends you do not use the ROPC flow. In most scenarios, more secure alternatives are available and recommended. This flow requires a very high degree of trust in the application, and carries risks which are not present in other flows. You should only use this flow when other more secure flows can't be used.
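The two non-interactive flows the answer compares, written out as the token requests each one sends. This is an added example and not code from the question or the answer: it targets the Microsoft identity platform v2.0 token endpoint on login.microsoftonline.com (an assumption; Azure AD B2C uses a different host and a per-user-flow path that this block does not cover), and the tenant, client id, secret, API app id, user name and sample responses are placeholders constructed for illustration. The point it makes in code is the one the answer makes in prose: client credentials needs no user and yields no refresh token, while ROPC hands the user's password to the app and only gets a refresh token back if `offline_access` is requested.

```python
"""Non-interactive token acquisition against the Microsoft identity platform.

Added example, not code from the original question or answer. It builds the
form bodies for the two flows the answer mentions (client credentials and
ROPC), plus the refresh_token grant that ROPC makes possible, and parses the
JSON the token endpoint returns. Endpoint, tenant, client id, secret, scope
and user values are assumptions/placeholders; nothing here talks to Azure
unless you call request_token() with real values.
"""
import json
import urllib.parse
import urllib.request

# Microsoft identity platform v2.0 token endpoint (assumed; Azure AD B2C
# uses a different host and a per-user-flow path, which this does not cover).
TOKEN_ENDPOINT = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"


def client_credentials_body(client_id: str, client_secret: str, api_app_id: str) -> dict:
    """Form body for the client credentials grant: the app authenticates as
    itself (a service principal), so there is no user and no refresh token."""
    return {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        # /.default asks for every application permission granted to the SP.
        "scope": f"api://{api_app_id}/.default",
    }


def ropc_body(client_id: str, username: str, password: str, scopes: list) -> dict:
    """Form body for the Resource Owner Password Credentials grant: the app
    sends the user's password directly, which is why Microsoft discourages it."""
    wanted = list(scopes)
    # A refresh token is only issued when offline_access is requested.
    if "offline_access" not in wanted:
        wanted.append("offline_access")
    return {
        "grant_type": "password",
        "client_id": client_id,
        "username": username,
        "password": password,
        "scope": " ".join(wanted),
    }


def refresh_body(client_id: str, refresh_token: str, scopes: list) -> dict:
    """Form body to exchange a refresh token for a new access token; this is
    the call that lets the app stop holding the user's password after login."""
    return {
        "grant_type": "refresh_token",
        "client_id": client_id,
        "refresh_token": refresh_token,
        "scope": " ".join(scopes),
    }


def parse_token_response(raw: bytes) -> dict:
    """Turn the endpoint's JSON into the three values the caller needs.
    Raises on an OAuth error response instead of returning a half-filled dict."""
    payload = json.loads(raw)
    if "error" in payload:
        raise RuntimeError(f"{payload['error']}: {payload.get('error_description', '')}")
    return {
        "access_token": payload["access_token"],
        "expires_in": int(payload["expires_in"]),
        # Client credentials never returns one, and ROPC only does when
        # offline_access was requested, so callers must cope with None.
        "refresh_token": payload.get("refresh_token"),
    }


def request_token(tenant: str, body: dict, opener=urllib.request.urlopen) -> dict:
    """POST the form body to the tenant's token endpoint (real network call)."""
    req = urllib.request.Request(
        TOKEN_ENDPOINT.format(tenant=tenant),
        data=urllib.parse.urlencode(body).encode(),
        headers={"Content-Type": "application/x-www-form-urlencoded"},
        method="POST",
    )
    with opener(req) as resp:
        return parse_token_response(resp.read())


# Constructed sample responses shaped like the real ones, for offline use.
SAMPLE_CC_RESPONSE = b'{"token_type":"Bearer","expires_in":3599,"access_token":"eyJ0eXAi.app"}'
SAMPLE_ROPC_RESPONSE = (b'{"token_type":"Bearer","scope":"api://x/read offline_access",'
                        b'"expires_in":3599,"access_token":"eyJ0eXAi.user",'
                        b'"refresh_token":"0.AXoA-refresh"}')
SAMPLE_ERROR = b'{"error":"invalid_grant","error_description":"constructed: bad username or password"}'
```

Usage: `request_token("<tenant-id>", client_credentials_body(...))` for the service-principal path, or `request_token("<tenant-id>", ropc_body(...))` and then `refresh_body(...)` with the returned refresh token for the ROPC path. Note that ROPC cannot complete for accounts that require MFA or are federated, which is one more reason the answer steers toward client credentials where no user context is needed.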