In the process of designing a mobile application (IOS & Android) utilizing Xamarin Forms with AD B2C handling logins. We would like to use User Delegate SAS to grant access to Azure Blob Storage for video upload / download directly to/from the client device. Our plan was to have our backend use the OAuth tokens provided by users during login to our backend to have our backend request user delegation keys from Azure Storage, which our backend could then use to sign SAS tokens to send to users client application which would then allow access to Azure blob storage. The problem we are having is the AD B2C is not working for this use. We are not seeing a way to make this design work. We are currently contemplating switching to Service SAS, as our backend can then sign SAS tokens with the needed permissions. Any thoughts on our approach, design, or methodology? All the best and thank you in advance should anyone have any insight.