'Can MSAL handle access tokens issued by my own web api?

I would like to use Azure for authentication, but have access tokens provided by my own .net web api. Can msal be configured to call my web api's endpoints instead of azures to manage the lifecycle of the access token?

In a perfect world, I could use acquireTokenSilent the same way I would for azure, but for my own web api.

msalmsal.js


Solution 1:[1]

Yes, it can. You'll need to register a custom scope in the Azure Portal for your resource and API, configure your API to require an access token with the right resource and scopes (as registered in the portal), and then provide that scope to MSAL when you call acquireTokenSilent or similar APIs.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 jasonnutter

Related Questions

Unable to initialize MSAL within organization linux sever due to socket timeout

Retrieve logged user info from microsoft graph in a framework .net environment

Intermittent problem using loginPopup MSAL JS in a REACT PWA

Error - Intent filter for: BrowserTabActivity is missing. While using AzureAD MSAL Lilbary

MSAL.NET OBO refresh token problems

Xamarin.Forms MSAL authentication java.exe exited with code 1

Share session data between Flask apps in separate Docker containers that are served using a reverse proxy

How to validate AzureAD accessToken in the backend API

In the MSAL Python library, are the ConfidentialClientApplication and its underlying TokenCache objects thread safe?

UI-Less authentication with PRT

Non-interactive authentication fails with WsTrust server issue MSIS7068

Microsoft Authentication Client credentials flow using client secret MSAL

Some Microsoft endpoints do not accept the JWT token produced by MSAL

Not able to get access token from azure AD using MSAL4J

Not able to get access token from azure AD using MSAL4J