For authenticating Entra ID users & services in ASP.NET you’re probably using the Microsoft.Identity.Web with some initialization code looking something like this in your Program.cs:
This will configure authentication based on the values stored in your appsettings’ “AzureAd” section. And it should work fine with “normal” users, but it will not accept Tokens from a Client Credentials Flow that might be used for Service-to-Service communications.
Continue reading Allow Client Credentials Flow in ASP.NET & Microsoft.Identity.Web