Azure AD B2C Error: The client Id specified in the request is not registered in tenant

Question

I am attempting to log in to an Azure Active Directory B2C application.

Whenever I access the URL https://login.microsoftonline.com/te//

Answer 1

I think the reason for this is that the API Permissions aren't pre-provisioned when you create an app through the AD blade (or Graph API). The way to resolve is to add the API Permissions to the app:

Having just gone through the process of automating this I can tell you that there are four layers that have to be configured for this to work using Graph API (Note: using the beta endpoints).

1. Create application https://docs.microsoft.com/en-us/graph/api/application-post-applications?view=graph-rest-beta&tabs=http

2. Update application properties https://docs.microsoft.com/en-us/graph/api/application-update?view=graph-rest-beta&tabs=http a. requiredResourceAccess https://docs.microsoft.com/en-us/graph/api/resources/requiredresourceaccess?view=graph-rest-beta b. Any other properties, like implicitGrantSettings, logoutUrl, etc

3. Create Service Principal for app just created: https://docs.microsoft.com/en-us/graph/api/serviceprincipal-post-serviceprincipals?view=graph-rest-beta&tabs=http

4. Create oauth2PermissionGrants using the object id of the service principal: https://docs.microsoft.com/en-us/graph/api/oauth2permissiongrant-post?view=graph-rest-beta&tabs=http