https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/microsoft-entra-id-groups-and-roles?view=aspnetcore-7.0 https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/graph-api?pivots=graph-sdk-5&view=aspnetcore-7.0 https://learn.microsoft.com/en-us/graph/sdks/sdks-overview Scopes To permit Microsoft Graph API calls for user profile, role assignment, and group membership data: A CLIENT app is configured with the User.Read scope (https://graph.microsoft.com/User.Read) in the Azure portal. A SERVER app is configured with the GroupMember.Read.All scope (https://graph.microsoft.com/GroupMember.Read.All) in the Azure portal. The preceding scopes are required in addition to the scopes required in ME-ID deployment scenarios described by the... » read more