Jeff Saremi
Reputation: 3024
Can I access Azure AD graph api and Azure management resources using the same accessToken
It looks like if I create a token using "https://management.core.windows.net" as the resource ID then I won't be able to use the same accessToken against the graph API. Is there a way to avoid calling the AcquireTokenAsync more than once?
AuthenticationResult result = authContext.AcquireTokenAsync("https://management.core.windows.net", "<some_client_id>, new Uri("https://localhost"), new PlatformParameters(PromptBehavior.Always)).Result;
TaskCompletionSource<string> tcs = new TaskCompletionSource<string>();
tcs.SetResult(result.AccessToken);
ActiveDirectoryClient graphClient = new ActiveDirectoryClient(new Uri("https://graph.windows.net/" + result.TenantId),
() => { return tcs.Task; });
foreach (var app in graphClient.Applications.ExecuteAsync().Result.CurrentPage)
{
Console.WriteLine($"{app.AppId}, {app.DisplayName}");
}
Upvotes: 1
Views: 98
Answers (1)
BenV
Reputation: 12452
An Azure AD access token is only good for a single resource, so the short answer is no.
However, you do benefit from the fact that Azure AD issues multi-resource refresh tokens, which means that obtaining an access token for the second resource is simply a call to the AAD token endpoint, and not the full authentication flow.
Upvotes: 2
Related Questions
- Can I access multiple APIs with one access token?
- Get a msgraph access token using another access token
- How can I access Azure Graph AND Microsoft Graph using same OAuth2 token?
- Can I use multiple authentication providers in Azure API Management?
- How to access Azure AD 2.0 Graph with Azure AD 1.0 Token
- Access Token for both Microsoft Graph and Custom API
- Microsoft graph and Azure Ad user authentication
- Azure AD with external accounts and Microsoft Graph API
- Get Azure AD Graph Token if already Authenticated
- Can I use Azure AD user for authorization while using an application identity to access Azure Graph API?