i'm pretty new to Azure and Microsoft Graph api, i was wondering if there was a way to get the groups of a user of a registered application. Right now i have a client_id, a client_secret, a tenant_id and a list of scopes. I am working with C# and i tried using this class ConfidentialClientApplicationBuilder, and specifying this scope https://graph.microsoft.com/.default, and i am able to get a token, but i get a 400 bad request when trying the request to get the user groups or everything with /me (like in this example https://graph.microsoft.com/v1.0/me). I also tried PublicClientApplicationBuilder, but as far as i know this opens the popup to insert the credentials and i don't want that. I would like to create a simple webapi where i can specify some static values for the moment, from which i can first get an access token of a user and then get its groups. Is there any way to do this. Thanks in advance!
For ConfidentialClientApplicationBuilder, you are using "client crediential flow" https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow. The token you get is a special one " client token". It allows a "client" to pass an api which is protected by Azure AD. So it doesn't contain any "user" information. It is meaningless to get the group of a "client" .
There is no way you can get a "user token" without signing in, which requires window prompt. Except the user has already signed in from anywhere else.