I am using Azure AD B2C as my authentication. We are currently building an SPA and have API Management as a backend API. And I have access to API Management with an access token issued by B2C. Here, we want to use user information in the SPA, so we are considering using the MsGraph API. At this time, we also need an access token to access MsGraph. Can we use the same access token for MsGraph and APIM? Can I use the same access token for MsGraph and APIM, or do I need to save both MsGraph and APIM access tokens? If each access token is required, is a refresh token also required for each API?
CodePudding user response:
You will need to get multiple tokens in AAD to access different resources. You can use a refresh token from one resource to request an access token for a second resource. I am guessing that you want to minimize access token refresh for multiple resources, so use the refresh token from one resource to get new access tokens from both.
https://docs.microsoft.com/en-us/azure/active-directory/develop/refresh-tokens
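
The pattern the answer describes, as an added example that is not part of the original post: one shared refresh token, one access token per resource, selected by the token's `aud` claim. The scope names, audiences, client id and token values are constructed placeholders, and the code only builds the standard OAuth 2.0 `refresh_token` request body without sending it.

```javascript
// Added example. All identifiers and values below are constructed placeholders.
const RESOURCES = {
  apim:  { scope: "https://contoso.example/api/read", aud: "apim-api-placeholder" },
  graph: { scope: "https://graph.microsoft.com/User.Read", aud: "https://graph.microsoft.com" },
};

// Read JWT claims for routing only. This does NOT verify the signature;
// the receiving API is what validates the token.
function claims(jwt) {
  return JSON.parse(Buffer.from(jwt.split(".")[1], "base64url").toString("utf8"));
}

// A token is usable for a resource only if its audience matches and it has
// more than `skewSec` seconds of lifetime left.
function usableFor(jwt, resource, nowSec, skewSec = 60) {
  if (!jwt) return false;
  const c = claims(jwt);
  const audOk = [].concat(c.aud).includes(RESOURCES[resource].aud);
  return audOk && c.exp - skewSec > nowSec;
}

// Body of a standard OAuth 2.0 refresh_token grant, scoped to ONE resource.
function refreshRequestBody(resource, refreshToken, clientId) {
  return new URLSearchParams({
    grant_type: "refresh_token",
    client_id: clientId,
    refresh_token: refreshToken,
    scope: `${RESOURCES[resource].scope} offline_access`,
  }).toString();
}

// Decide, per call, whether to reuse the cached token or redeem the shared
// refresh token for the resource being called.
function plan(cache, resource, nowSec, refreshToken, clientId) {
  return usableFor(cache[resource], resource, nowSec)
    ? { action: "use", token: cache[resource] }
    : { action: "refresh", body: refreshRequestBody(resource, refreshToken, clientId) };
}

// Constructed, unsigned sample token for demonstration.
function sampleJwt(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
  return `${enc({ alg: "none" })}.${enc(payload)}.sig`;
}

const now = 1700000000;
const cache = { apim: sampleJwt({ aud: RESOURCES.apim.aud, exp: now + 3600 }) };
console.log(plan(cache, "apim", now, "rt-placeholder", "spa-client-placeholder").action);
console.log(plan(cache, "graph", now, "rt-placeholder", "spa-client-placeholder").action);
```

The APIM-audience token is never sent to the second API: the audience check fails, so the shared refresh token is redeemed for a token scoped to that resource instead.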