Azure AD b2b “Read all users' basic profiles” permission

Question

I have delegated user permission User.ReadBasic.All. In the documentation, it states this

\"Allows the app to read a basic set of profile pr

Answer 1

Here you are really getting a token from the cache (using AcquireTokenSilentAsync), whereas your token was really added in the cache when you have redeemed the authorization code produced by ASP.NET using the call to AcquireTokenByAuthorizationCodeAsync. you will find the explanation in ADAL.NET conceptual documentation : Acquiring a token by authorization code in Web Apps

Note that to call the graph you might rather want to use MSAL.NET. See for instance the following branch signInAndCallMicrosoftGraph of the sample named: aspnetcore-webapp-openidconnect-v2. This is expressed as a tutorial, explaining first the sign-in phase, and then calling an API (in this case the Microsoft Graph)

Finally the authority you have used is not for Azure AD B2C (and as I mentioned in the comment on your question, for Azure AD, it should be reduced to login.microsoftonline.com{tenantId}/common)