Not able to fetch user info of b2c users in Azure B2C with OAUTH

ANoobGuy 1 Reputation point
2022-06-02T07:28:17.753+00:00

I'm trying to use Azure B2C as an identity provider. I'm able to get an ID token, but no access token is being returned with B2C as a tenant. If I use the normal Azure AD endpoints this works, but for this the users will have to be part of the Azure directory. How can I use the Azure B2C endpoints, as I don't want users who sign in to be part of the Azure directory? I saw a couple of posts saying Azure B2C endpoints won't work with Graph endpoints. If this is the case, how do I get userinfo for B2C users? I was able to get an access token if I include the application ID (client ID) registered in AD as one of the scopes in the service provider. But I'm not able to use this on the Microsoft Graph endpoint to fetch user details. One way I was able to solve it was to use OIDC and return user info in the ID token. But I want to use it with OAuth and I'm not sure what to do. Any help would be appreciated. The userinfo URL I tried with the client ID being part of the scope was https://graph.microsoft.com/oidc/userinfo

TL;DR: Need help in setting up Azure B2C login with OAuth (getting the access token and userinfo part specifically)

1 answer

  1. DisplayName-3010 131 Reputation points
    2022-08-16T04:12:31.187+00:00

    If you use custom policies to define the flow in Azure AD B2C, you can define the userinfo endpoint however you like. It is not the Graph endpoint, which you cannot use with a B2C user, only an Azure AD user in the B2C tenant. The documentation can be found here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/userinfo-endpoint?pivots=b2c-custom-policy

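To illustrate the answer above, here is an added example (not code from the thread or from Microsoft) that inspects an access token's `iss` and `aud` claims and returns the UserInfo URL that token belongs to. It assumes the default `b2clogin.com` domain, the URL pattern from the linked B2C documentation, and a policy name carried in the `tfp` (or `acr`) claim; `userinfo_endpoint_for` and `make_unsigned_jwt` are hypothetical helper names and the sample claims are constructed.

```python
import base64
import json
from urllib.parse import urlparse

# Audiences Microsoft Graph accepts: its resource URI and its well-known app ID.
GRAPH_AUDIENCES = {"https://graph.microsoft.com", "00000003-0000-0000-c000-000000000000"}
GRAPH_USERINFO = "https://graph.microsoft.com/oidc/userinfo"  # URL from the question


def jwt_claims(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (triage only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def b2c_userinfo_url(tenant: str, policy: str) -> str:
    """UserInfo URL pattern from the linked B2C doc (assumes no custom domain)."""
    return (f"https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/"
            f"{policy}/openid/v2.0/userinfo")


def userinfo_endpoint_for(token: str):
    """Return the UserInfo URL matching the token's issuer, or None."""
    claims = jwt_claims(token)
    host = urlparse(claims.get("iss", "")).hostname or ""
    aud = claims.get("aud")
    audiences = set(aud) if isinstance(aud, list) else {aud}
    if host.endswith(".b2clogin.com"):
        # B2C-issued token: policy name is in "tfp" ("acr" in older setups).
        policy = claims.get("tfp") or claims.get("acr")
        return b2c_userinfo_url(host.split(".")[0], policy) if policy else None
    if host in ("login.microsoftonline.com", "sts.windows.net") and audiences & GRAPH_AUDIENCES:
        return GRAPH_USERINFO
    return None  # e.g. an Entra token whose audience is your own app, not Graph


def make_unsigned_jwt(claims: dict) -> str:
    """Build a constructed, unsigned sample token for the demo below."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."


if __name__ == "__main__":
    sample = make_unsigned_jwt({  # constructed claims, not a real token
        "iss": "https://contoso.b2clogin.com/00000000-0000-0000-0000-000000000000/v2.0/",
        "aud": "11111111-1111-1111-1111-111111111111", "tfp": "B2C_1A_SIGNUP_SIGNIN",
    })
    print(userinfo_endpoint_for(sample))
```

The decode step skips signature validation on purpose, so use it only to see why an endpoint rejects a token, never to make an authorization decision.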