New to AAD and MSAL concepts. I am trying to figure out the correct steps to acquire a service-specific token for an AAD user for creating the correct request header. I am able to acquire a token using the user.read scope, but this only provides access to the MS Graph API. How do I retrieve a service-specific token to access a service endpoint API? Do I need to acquire a token from MS Graph first? Is the OBO flow required here?
PublicClientApplicationOptions options = new PublicClientApplicationOptions()
{
    // Audience and cloud must match the app registration's "supported account types".
    AadAuthorityAudience = AadAuthorityAudience.AzureAdAndPersonalMicrosoftAccount,
    AzureCloudInstance = AzureCloudInstance.AzurePublic,
    ClientId = Id,
    IsDefaultPlatformLoggingEnabled = true,
};
pc = PublicClientApplicationBuilder.CreateWithApplicationOptions(options)
    .WithExperimentalFeatures()
    .WithRedirectUri(ClientRedirectUri)
    .WithBroker(true)
    .WithUseCorporateNetwork(true)
    .Build();
// Scopes decide which resource the token is issued for (here only "user.read",
// i.e. Microsoft Graph). AcquireTokenSilent returns a builder; ExecuteAsync()
// is required to actually obtain the AuthenticationResult.
authResult = await this.pc.AcquireTokenSilent(Scopes, firstAccount).ExecuteAsync();
You can generate a service-specific token and access the API of that specific service using the token. You only need to grant the delegated permissions for that Azure resource to the application.
You might have been given only the Microsoft Graph API permissions; for that reason it can only access the Microsoft Graph API.
Under API permissions -> Add a permission, you will see a list of Azure resources. Select the resource whose API you want to access.
Likewise, I have selected Azure Storage.
After adding the resource as a delegated permission, the generated access token now has the privilege to access all the APIs of the storage account.
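As an added example (not code from the question or the answer above), this is what the per-resource token request looks like in MSAL.NET once the delegated Azure Storage permission is in place. The client id, redirect URI and storage account name are placeholders. No OBO flow is involved: OBO is for a middle-tier web API that exchanges an incoming user token for a downstream one; a public client simply asks MSAL for the downstream resource's scopes directly, and the token's audience follows the scope, so a Graph token is never accepted by Storage and vice versa. Each resource needs its own acquire call, because the token endpoint rejects a single request that mixes scopes for two resources. One caveat worth knowing: the delegated permission only lets the app act as the signed-in user; for the Storage data plane the user (or the app on the user's behalf) must also hold a data-plane RBAC role such as Storage Blob Data Reader on the account, otherwise the request is authenticated but returns 403.

```csharp
// Added example: acquire resource-specific tokens with MSAL.NET and use the
// Storage token as a bearer header. Client id, redirect URI and account name
// are placeholders (assumptions, not values from the page).
using System;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

public static class ResourceTokens
{
    // One scope set per resource. "User.Read" is a Microsoft Graph scope;
    // "user_impersonation" on https://storage.azure.com is the Azure Storage
    // delegated permission added under API permissions in the portal.
    public static readonly string[] GraphScopes   = { "User.Read" };
    public static readonly string[] StorageScopes = { "https://storage.azure.com/user_impersonation" };

    static readonly IPublicClientApplication App = PublicClientApplicationBuilder
        .Create("00000000-0000-0000-0000-000000000000")   // placeholder client id
        .WithAuthority(AzureCloudInstance.AzurePublic, AadAuthorityAudience.AzureAdMultipleOrgs)
        .WithRedirectUri("http://localhost")               // placeholder redirect URI
        .Build();

    // Try the cache first; fall back to interactive sign-in only when MSAL
    // reports that user interaction is required (no token for these scopes,
    // consent missing, refresh token expired, ...).
    public static async Task<AuthenticationResult> AcquireAsync(string[] scopes)
    {
        var account = (await App.GetAccountsAsync()).FirstOrDefault();
        if (account != null)
        {
            try
            {
                return await App.AcquireTokenSilent(scopes, account).ExecuteAsync();
            }
            catch (MsalUiRequiredException)
            {
                // Fall through to interactive acquisition below.
            }
        }
        return await App.AcquireTokenInteractive(scopes).ExecuteAsync();
    }

    // Call the Storage data plane with the Storage token. A Graph token in the
    // same header is rejected by the service because its audience is Graph.
    public static async Task<string> ListContainersAsync(string accountName)
    {
        AuthenticationResult storage = await AcquireAsync(StorageScopes);

        using var http = new HttpClient();
        var req = new HttpRequestMessage(HttpMethod.Get,
            $"https://{accountName}.blob.core.windows.net/?comp=list");
        req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", storage.AccessToken);
        // OAuth bearer tokens are accepted by the Storage REST API only with
        // x-ms-version 2017-11-09 or later.
        req.Headers.Add("x-ms-version", "2020-10-02");

        HttpResponseMessage resp = await http.SendAsync(req);
        resp.EnsureSuccessStatusCode();               // 403 here usually means a missing data-plane RBAC role
        return await resp.Content.ReadAsStringAsync(); // XML list of containers
    }

    public static async Task Main()
    {
        // Graph and Storage are separate acquisitions; MSAL caches both under
        // the same account, keyed by resource.
        AuthenticationResult graph = await AcquireAsync(GraphScopes);
        Console.WriteLine($"Graph token for {graph.Account.Username}, scopes: {string.Join(" ", graph.Scopes)}");

        string containers = await ListContainersAsync("mystorageaccount"); // placeholder account name
        Console.WriteLine(containers);
    }
}
```

If a call against the service still fails, decode the access token (for example at jwt.ms) and check that its aud claim is the resource you are calling and that scp contains the delegated permission you added; a token whose aud is Microsoft Graph was issued for the wrong scopes, not for the wrong user.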