I am trying to figure out a way to call my Entra Id protected web API in the OnTokenValidated event of the OpenIdConnect authentication flow. the problem is that when I try to use ITokenAcquisition or IDownstreamApi, it throws an MSAL UI Required exception stating: “No account or login hint was passed to the AcquireTokenSilent call”. I am pretty sure this has to do with the fact that the user authentication state has not be completely set up at this point and therefore I cant get an access token yet. Has anyone dealt with this before or have any alternative solutions? This is in a Blazor web app and i am trying to enrich the claims principal after login.
public override async Task TokenValidated(TokenValidatedContext context){ await base.TokenValidated(context); ITokenAcquisition tokenAcquisition = context.HttpContext.RequestServices.GetRequiredService<ITokenAcquisition>(); // The below line throws and MSAL UI Required exception string accessToken = await tokenAcquisition.GetAccessTokenForUserAsync(_apiOptions.Scopes, user: context.Principal);}