Migrating from ADAL to MSAL missing roles
I'm migrating a web app from using ADAL to MSAL, but the token that is returned no longer has user information and roles.
With ADAL we would use the AcquireTokenSilentAsync method and specify the User Identifier:
    authenticationResult = await authContext.AcquireTokenSilentAsync(
        resource,
        m_clientAssertionCertificate,
        new UserIdentifier(
            userObjectID,
            UserIdentifierType.UniqueId)).ConfigureAwait(false);
The responding Access Token includes the profile and roles we have defined in App Roles (on the App registration):
    "roles": [
        "Developer"
    ],
When converting to use MSAL, I can't seem to find a way to pass in a UserIdentifier so that I can get back the roles in the Access Token:
    var scopes = new[] {"https://graph.microsoft.com/.default"};
    authenticationResult = clientApp.AcquireTokenForClient(scopes).WithSendX5C(true).ExecuteAsync().Result;
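
For comparison with the two calls above, an added example (not part of the original post): in MSAL.NET, AcquireTokenForClient is the client-credentials flow and returns an app-only token, while the user-bound silent call takes an IAccount looked up from the token cache instead of a UserIdentifier. The helper name `UserTokenHelper`, the `tenantId` parameter, and the assumptions that the user already signed in through the same client application and is a member (not a guest) of that tenant are illustrative, not from the post.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

// Hypothetical helper, added for illustration.
public static class UserTokenHelper
{
    // Assumption: the user's tokens are already in clientApp's token cache,
    // for example because the web app redeemed an authorization code for
    // this user earlier with the same IConfidentialClientApplication.
    public static async Task<AuthenticationResult> AcquireForUserAsync(
        IConfidentialClientApplication clientApp,
        string[] scopes,
        string userObjectID,
        string tenantId)
    {
        // MSAL keys cached accounts by home account id, which for a
        // member user has the form "<object id>.<tenant id>".
        string accountId = $"{userObjectID}.{tenantId}";

        IAccount account = await clientApp
            .GetAccountAsync(accountId)
            .ConfigureAwait(false);

        if (account == null)
        {
            // Nothing cached for this user: a silent call cannot succeed,
            // so the caller has to send the user through sign-in again.
            throw new InvalidOperationException(
                "No cached account for this user; interactive sign-in is required.");
        }

        // The token is issued for this user (delegated), unlike
        // AcquireTokenForClient, which authenticates only the application.
        return await clientApp
            .AcquireTokenSilent(scopes, account)
            .ExecuteAsync()
            .ConfigureAwait(false);
    }
}
```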