How to acquire a user based token from Azure Graph API

Question

I have an Azure Active Directory and in my Web Api I have a piece of code that I can get a token from Azure Graph Api using the Application that I have registered with Azure and

Answer 1

A web API can access another web API (in this case, the Graph) as the current user by obtaining a new token via the onbehalfof flow. See https://github.com/Azure-Samples/active-directory-dotnet-webapi-onbehalfof for an example. The direct use of username and password is not recommended, credentials should never be collected outside of Azure AD own pages, and in this specific case it would not work (or will stop working soon)