Can't find information about how <Endpoint Id="Token"> works

[nawoods]

The information regarding the tag in the Relying Party docs page only talks about referencing a User Journey for the UserInfo endpoint, though (at least looking at the starter pack) there are other endpoints that can have User Journeys, like Token. Is there a help page for a Token flow? Is there anything special about the Token flow that a custom policy dev needs to consider (e.g. what does do)? Is the referenced custom policy only called for obtaining refresh tokens, or are other calls to the /token endpoint (e.g. exchanging the auth code for the id_token)?

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: 1e3ce49f-746e-9326-9846-32d569558b65
• Version Independent ID: 4978d164-555d-b3cc-2989-5246b0f44313
• Content: RelyingParty - Azure Active Directory B2C
• Content Source: articles/active-directory-b2c/relyingparty.md
• Service: active-directory
• Sub-service: b2c
• GitHub Login: @kengaderdus
• Microsoft Alias: kengaderdus

[JamesTran-MSFT]

@nawoods Thanks for your feedback! We will investigate and update as appropriate.

[kengaderdus]

reassign: @garrodonnell

[garrodonnell]

Hi @nawoods, apologies for the long delay getting back to you. The endpoint: Token is used for the Refresh Token Journey.

You can take a look at the below link for an example: https://github.com/azure-ad-b2c/samples/tree/master/policies/refresh-token-journey

We are planning to incorporate this information into the Learn docs as well.

Does this answer your question?

[garrodonnell]

Hey @nawoods , I'm going to close this issue for now, if there are any further concerns please feel free to raise a new one. Thanks

please-close

[kamilzzz]

It seems like that info didn't get incorporated into the MS Learn docs.

Linked sample is fine, however it lacks description:

• what other endpoints (if any) are available for customization besides UserInfo and Token
• whether Token endpoint journey is used only for refreshing token or other token requests (according to @garrodonnell it is used only for the refresh token, however it would be nice to have that documented somewhere in the official pages)
• what are the intended use cases for endpoint journey customization, e.g. what can be done and what cannot, today I tried to update "audit" user profile attributes (extension properties, last_active etc.) during refresh token flow using customized journey and for some reason failed to do so, the same exact steps work in standard user journeys executed during SignIn flows
• what is the difference between configuring Endpoint Id="Token" under RelyingParty vs setting RefreshTokenUserJourneyId metadata under JwtIssuer technical profile used in journey issuing initial token? Which one takes precedence when both of them are set? Which one is recommended? What are the limitations of both approaches?