I have a .NET Blazor SPA application where users are being authenticated with Azure AD using MicrosoftIdentityWebApp nuget. Got some new requirements to call a 3rd party API and they are expecting an Azure Access Token. Looking over some documentation it seems that OnBehalfOf flow is what I need ( please correct me if I am wrong ). I have updated my authentication configuration and added this response type OpenIdConnectResponseType.IdTokenToken and also added a couple of OpenIdConnectEvents in order to grab the Access Token during authentication.
Just want to confirm if in order to authenticate for another application, is there a more appropriate way then OBO flow?