0

Im using https://github.com/AzureADQuickStarts/B2C-GraphAPI-DotNet for creating and reading users using the graph apis . I have already added the required permissions (and even a few extra ones ) for the app in b2c . enter image description here

when i try to either read or write any user it gives me an error of Insufficient privileges . any help would nice ?

srijan saxena
  • 61
  • 4
  • We strongly recommend that you use Microsoft Graph instead of Azure AD Graph API to access Azure Active Directory resources. Our development efforts are now concentrated on Microsoft Graph and no further enhancements are planned for Azure AD Graph API. There are a very limited number of scenarios for which Azure AD Graph API might still be appropriate; for more information, see the Microsoft Graph or the Azure AD Graph blog post in the Office Dev Center. – Raghavendra beldona Aug 31 '20 at 19:22
  • Please refer the GitHub [sample](https://github.com/Azure-Samples/ms-identity-dotnetcore-b2c-account-management) and related [documentation] (https://learn.microsoft.com/en-us/azure/active-directory-b2c/manage-user-accounts-graph-api). Let us know if you are facing issue let us know the corelationid and the timestamp details – Raghavendra beldona Aug 31 '20 at 19:24

1 Answers1

1

The example uses a service account, which are Application Permissions, not Delegated permissions as per your screenshots. You must have registered your App as a B2C app - rather you need to create it with the first option “Accounts in this directory only”. Then assign Application permissions to AAD Graph API.

Ideally you move to MS Graph API, as it’s the go-forward API.

Jas Suri - MSFT
  • 10,605
  • 2
  • 10
  • 20