
Downstream call to web API not supported in B2C

Open Core121 opened this issue 2 years ago • 1 comments

I have a web API that needs to call another web API, where both are protected by B2C. This is unsupported yet should be a pretty common request.

Seems many people are requesting this, but no one has responded on the Azure feedback site. https://feedback.azure.com/d365community/idea/86d396da-b125-ec11-b6e6-000d3a4f0789

Documentation showing downstream calls are unsupported in B2C. https://learn.microsoft.com/en-us/azure/active-directory-b2c/application-types#web-api-chains-on-behalf-of-flow

Please let me know if this is the wrong place to submit this request.

Core121, Apr 05 '23 15:04

I'm also interested in this.

This link states that AD B2C does not support the "on behalf of" flow: https://learn.microsoft.com/en-us/azure/active-directory-b2c/access-tokens

Also, as far as I know, an Azure App Registration in AD B2C that exposes scopes via the "Expose an API" menu can only expose "delegated" scopes and not "application" scopes (only possible in Azure AD).

These "delegated" scopes can't be used when an API uses the ITokenAcquisition.GetAccessTokenForAppAsync method.

So we can't use:

  • "on behalf of" flow
  • application authentication

What is the current approach for an Azure AD B2C protected API to call another Azure AD B2C protected API?

I would have expected that this is a common scenario.

SariDev, Aug 03 '23 12:08