We have implemented Azure B2C to control access to one of our applications. As part of this process we have user flows for the signup process, but we also (within our application itself) use MS Graph to create users directly into Azure B2C that we can then link to our application.
We also have a user portal where they are able to update their password - we are using MS Graph to update the user's password via the call
This all works fine in our UAT environment - using a B2C tenant that I set up Feb 2020, I was able to set up API permissions, both application and delegate, and able to set the following permission under API permissions for the application
This (I believe) enables the above call to work.
When we then went live - we set up a production environment and production version of B2C - we were unable to set this permission as a delegate permission on Microsoft Graph, and this therefore stops us being able to update the user's password from within the user's web portal. All the other functionality is working fine, e.g. creating users through MS Graph. When we try and call the update password method (on production) we get the following;
Now I know that I can use user flows (which we do have in place as part of the registration process), but we want a seamless (as is working on our UAT environment) user experience, so wish to do the password update through MS Graph.
Any thoughts on this? I have logged the issues through Microsoft support and chatted to their Tek experts, but they don't seem to have an answer for this.