Tags: azure-ad-b2c, azure-ad-msal, blazor-webassembly, microsoft-graph-sdks

Blazor WASM using Azure AD B2C fails calling Microsoft.Graph api


Situation:

  1. Hosted Blazor WASM using Azure AD B2C
  2. Graph API registered

Step 1 is working fine: I can log in and I get an access token with the correct claims, so I can call my backend API.

When I turn on Step 2, i.e. adding the GraphServiceClient, everything stops working and login fails with the following error: There was an error trying to log you in: ''. I have the idea that adding the scope https://graph.microsoft.com/User.Read is causing the login to fail. I have the idea it is because that scope is not defined in my SPA app registration in my Azure AD B2C tenant, but I don't see how I can add that scope. Under API permissions I can't add that scope.

Am I missing something?


Solution

  • I found out it is not possible to use the Graph API directly from Blazor WASM when using Azure AD B2C for authentication. This is only enabled for Azure AD.

    To get around this problem you will have to make protected endpoints in your backend controllers and call the MS Graph API from there using client ID + secret credentials and send them back to the WebAssembly client.

    For performance reasons, and to prevent the extra overhead of querying the MS Graph API, you could consider caching the users in your own backend.
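
The backend approach described in the answer could look like the following sketch, which is an added example and not code from the original post: a protected controller calls Graph with client credentials, returns only a small DTO to the WebAssembly client (the secret never leaves the server), and caches the result. Assumptions: the Microsoft.Graph v5 SDK and Azure.Identity packages, hypothetical configuration keys `Graph:TenantId`, `Graph:ClientId` and `Graph:ClientSecret`, a hypothetical `api/profile/me` route, and a backend app registration that has been granted the `User.Read.All` application permission.

```csharp
using System.Security.Claims;
using Azure.Identity;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Caching.Memory;
using Microsoft.Graph;

// Only the fields the client needs; the raw Graph user object is never returned.
public sealed record UserProfileDto(string Id, string? DisplayName);

public static class GraphRegistration
{
    // Call from Program.cs: builder.Services.AddMemoryCache().AddServerSideGraph(builder.Configuration);
    public static IServiceCollection AddServerSideGraph(this IServiceCollection services, IConfiguration config)
    {
        // Hypothetical keys; keep the secret in server-side configuration only
        // (user secrets, Key Vault), never in the Blazor WASM appsettings.json.
        var credential = new ClientSecretCredential(
            config["Graph:TenantId"], config["Graph:ClientId"], config["Graph:ClientSecret"]);
        return services.AddSingleton(
            new GraphServiceClient(credential, new[] { "https://graph.microsoft.com/.default" }));
    }
}

[ApiController]
[Route("api/profile")]
[Authorize] // caller must present a valid B2C access token for the backend API
public sealed class ProfileController : ControllerBase
{
    private const string OidClaim = "http://schemas.microsoft.com/identity/claims/objectidentifier";
    private readonly GraphServiceClient _graph;
    private readonly IMemoryCache _cache;

    public ProfileController(GraphServiceClient graph, IMemoryCache cache) => (_graph, _cache) = (graph, cache);

    [HttpGet("me")]
    public async Task<ActionResult<UserProfileDto>> GetMe()
    {
        // Take the user id from the validated token, never from the query string or
        // body, so one user cannot read another user's directory entry.
        var userId = User.FindFirst(OidClaim)?.Value ?? User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (string.IsNullOrEmpty(userId)) return Forbid();

        var profile = await _cache.GetOrCreateAsync($"graph-user:{userId}", async entry =>
        {
            entry.AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(5); // bounded staleness
            var user = await _graph.Users[userId].GetAsync(rc =>
                rc.QueryParameters.Select = new[] { "id", "displayName" });
            return user is null ? null : new UserProfileDto(user.Id!, user.DisplayName);
        });
        if (profile is null) return NotFound();
        return Ok(profile);
    }
}
```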