
Azure B2C client credentials flow throws invalid_grant AADB2C90085


I followed this resource: https://REDACTED.b2clogin.com/REDACTED.onmicrosoft.com/B2C_1A_DEMO_CLIENTCREDENTIALSFLOW/oauth2/v2.0/token

I acquire a token using the OAuth client credentials flow:

POST https://{my tenant name}.b2clogin.com/{my tenant name}.onmicrosoft.com/{a basic user flow SUSI policy}/oauth2/v2.0/token

scope=https://REDACTED.onmicrosoft.com/{protected web api client id}/.default&
grant_type=client_credentials&
client_id={daemon console app client id}&
client_secret={daemon console app client secret}

Error response:

{
    "error": "invalid_grant",
    "error_description": "AADB2C90085: The service has encountered an internal error. Please reauthenticate and try again.\r\nCorrelation ID: REDACTED\r\nTimestamp: REDACTED\r\n"
}

Solution

  • I ran into the same issue. Please double-check your manifest and make sure that it has "signInAudience": "AzureADandPersonalMicrosoftAccount" and not your organization only. Also ensure you followed the same steps as the other answer.
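
An added example (not part of the original question or answer): a Python pre-flight check for this flow that validates the form fields from the question, compares the manifest's signInAudience with the value the answer recommends, and splits the error body into fields you can hand to support. The function names, the sample manifest, and the correlation ID and timestamp values are constructed for illustration.

```python
import json
import re

# Manifest value the answer recommends; the samples below are constructed placeholders.
EXPECTED_AUDIENCE = "AzureADandPersonalMicrosoftAccount"
SAMPLE_MANIFEST = '{"signInAudience": "AzureADMyOrg"}'
SAMPLE_ERROR = json.dumps({
    "error": "invalid_grant",
    "error_description": "AADB2C90085: The service has encountered an internal error. "
    "Please reauthenticate and try again.\r\n"
    "Correlation ID: 00000000-0000-0000-0000-000000000000\r\n"
    "Timestamp: 2020-01-01 00:00:00Z\r\n",
})


def check_request(form):
    """Return problems in the token request form fields shown in the question."""
    problems = []
    if form.get("grant_type") != "client_credentials":
        problems.append("grant_type must be client_credentials")
    # Client credentials requests name the API's app ID URI followed by /.default.
    if not form.get("scope", "").endswith("/.default"):
        problems.append("scope must end with /.default")
    problems += [f"{f} is missing" for f in ("client_id", "client_secret") if not form.get(f)]
    return problems


def check_manifest(manifest_json):
    """Return a problem list for signInAudience in an exported app manifest."""
    audience = json.loads(manifest_json).get("signInAudience")
    if audience == EXPECTED_AUDIENCE:
        return []
    return [f"signInAudience is {audience!r}, expected {EXPECTED_AUDIENCE!r}"]


def parse_b2c_error(body):
    """Split a B2C token error body into code, message, correlation ID, timestamp."""
    doc = json.loads(body)
    desc = doc.get("error_description", "")
    head = re.match(r"(AADB2C\d+):\s*([^\r\n]*)", desc)
    corr = re.search(r"Correlation ID:\s*(\S+)", desc)
    ts = re.search(r"Timestamp:\s*([^\r\n]+)", desc)
    return {
        "error": doc.get("error"),
        "code": head.group(1) if head else None,
        "message": head.group(2) if head else desc.strip(),
        "correlation_id": corr.group(1) if corr else None,
        "timestamp": ts.group(1) if ts else None,
    }
```

Run check_manifest on the manifest JSON exported from the app registration, and parse_b2c_error on the raw response body, before retrying the request.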