Acquiring tokens with authorization codes on web apps
When users login to Web applications (web sites) using Open Id connect, the web application receives an authorization code which it can redeem to acquire a token for Web APIs.
The principle is exactly the same for MSAL.NET, and is illustrated in active-directory-dotnet-webapp-openidconnect-v2, in Startup.Auth.cs, Lines 70 to 87