ckjacksoncda
commented
3 years ago I'm having the same issue - the AAD UI has changed from what's described in the documentation:
Click on the name of the app we've just created and then on "All settings" > "Required permissions" > "Windows Azure Active Directory". Ensure that the app has, at least, Sign in and read user profile checked, in the Delegated permissions section. Click on the Grant permissions button and then click on "Yes" to grant the permissions in all the accounts in the current directory.
That option doesn't exist. Instead, I have tried to apply the new Graph API permissions that should have taken its place (to the point of redundancy):
- Directory.Read.All
- GroupMember.Read.All
- Group.ReadAll
- User.Read.All
I continue to successfully authenticate but get the following authorization error:
Azure AD B2C Sync Starting Azure AD B2C Synchronization Error while synchronizing the roles from portal 0: System.Net.WebException: Error Calling the Graph API: { "odata.error": { "code": "Authorization_RequestDenied", "message": { "lang": "en", "value": "Insufficient privileges to complete the operation." }, "requestId": "236352d0-70af-43ed-bd22-f410a9d4328b", "date": "2021-04-02T17:47:11" } } at DotNetNuke.Authentication.Azure.B2C.Components.Graph.GraphClient.SendAADGraphRequest(String api, String query, String body, HttpMethod httpMethod) at DotNetNuke.Authentication.Azure.B2C.Components.Graph.GraphClient.GetAllGroups(String query) at DotNetNuke.Authentication.Azure.B2C.ScheduledTasks.SyncSchedule.SyncRoles(Int32 portalId, AzureConfig settings)Azure AD B2C Synchronization finished successfully
Followed the instructions to a tee. The auth works a treat however the user management pops up with a auth error. Do i need to add any permissions for graph in B2C ad?