This is not planned for the next 6 months, but is on the roadmap.
Currently, you can use “App Registration” blade in the Azure Portal (outside of the Azure AD B2C blades) to register an apps that define application permission and the register apps that use client credentials to request these. The caveat is that this is done using the same mechanism that you’d use in regular Azure AD.
Ideally we’d have a first class experience for this in the Azure AD B2C blades or at least have an Azure doc that walks you through the experience I just summarized, so I’m leaving this feature ask open.
It would be great if you guys can add comments with your feedback. What scenarios areyou trying to achieve? Does the approach above help you achieve what you want to achieve? Does the experience to do so work for you guys and if not, what would you like to see?
We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.
That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.
Apologies for the delay.
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?Kyle Pope commented
It really is a shame that this isn't supported.
Since it's unlikely to be implemented, it might be really useful and much less effort to embrace this limitation and provide an official Microsoft solution that is external to changing the B2C product. I'm thinking something similar to the Git repo Marcel Juhnke provided in a previous comment but more refined, including:
* Implementation of user group retrieval as an Azure function with proper error handling and necessary authentication implemented.
* Detailed documentation on the Microsoft B2C documentation portal about how to configure/install and integrate a custom policy with it.
If this solution existed and it was relatively easy to implement it might go a long way to address this issue.