I have a simple GraphQL implementation using HotChocolate v13 where several resolvers are protected by Authorize HotChocolate implementation and as soon as a JWT token is passed for an Azure AD user, it works fine.