Hello @Andrew Shlykov,
Thank you for posting your query on Microsoft Q&A.
Based on your description, I see that you are able to generate a token using the Entra ID token endpoint: https://login.microsoftonline.com/XXXXXXXXXXXXXX/oauth2/v2.0/token. However, when using the B2C token endpoint: https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/B2C_1A_ROPC_Auth/oauth2/v2.0/token, you're encountering an error.
To help validate the issue, I recommend trying the following URL format:
https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/oauth2/v2.0/token?p=B2C_1A_ROPC_Auth
If this URL results in the same error, please try changing the scope in your request to "openid application-id offline_access". By doing this, we can verify if the issue is related to the scope.
For reference, you can check the documentation here: Azure Active Directory B2C - Add ROPC Policy.
If you encounter any AADSTS errors, please share them with us in the comments section, and if the issue persists, we can take this offline for further testing.
I hope this information is helpful. Please feel free to reach out if you have any further questions.
Thanks,
Raja Pothuraju.
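The two endpoint forms and the scope change suggested in the answer above, as an added example that is not part of the original answer: it builds both token URLs and the ROPC form body, and extracts an AADSTS/AADB2C code from an error response. The tenant name `contoso`, the all-zero client ID, the reuse of the client ID as the application-id in the scope, and the function names are assumptions; `response_type=token id_token` follows the ROPC policy documentation the answer refers to.

```python
import json
import re
from urllib.parse import urlencode

POLICY = "B2C_1A_ROPC_Auth"  # policy name from the thread


def token_urls(tenant, policy=POLICY):
    """Return both endpoint forms discussed above for the same policy."""
    base = f"https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com"
    return {
        "policy_in_path": f"{base}/{policy}/oauth2/v2.0/token",
        "policy_in_query": f"{base}/oauth2/v2.0/token?" + urlencode({"p": policy}),
    }


def ropc_body(client_id, username, password):
    """URL-encoded form body for the ROPC grant with the suggested scope."""
    return urlencode({
        "grant_type": "password",
        "client_id": client_id,
        # Assumption: the application-id in the scope is the same app registration.
        "scope": f"openid {client_id} offline_access",
        "response_type": "token id_token",
        "username": username,
        "password": password,
    })


def error_code(response_text):
    """Extract the AADSTS/AADB2C code from a token-endpoint error body, or None."""
    try:
        desc = str(json.loads(response_text).get("error_description", ""))
    except (ValueError, AttributeError):
        return None  # not JSON, or not a JSON object
    match = re.search(r"\bAAD(?:STS|B2C)\d+\b", desc)
    return match.group(0) if match else None


if __name__ == "__main__":
    # Constructed placeholder values; nothing is sent over the network.
    for form, url in token_urls("contoso").items():
        print(form, url)
    print(ropc_body("00000000-0000-0000-0000-000000000000",
                    "user@example.com", "<password>"))
    # Constructed sample error body, not a real service response.
    sample = '{"error": "invalid_request", "error_description": "AADSTS0000000: constructed sample"}'
    print(error_code(sample))
```

POST the body to each URL in turn with `Content-Type: application/x-www-form-urlencoded`, and pass any error response to `error_code` to get the code to share in the comments.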