I updated my mobile app to request an Azure AD B2C token using the ROPC policy. When I send the token as a Bearer token, same as I did with the Sign Up Sign In policy, I get an unauthorized error.
One thing I had to do was request the token via HttpClient because the new Microsoft.Identity.Client package does not have the AcquireTokenByUsernamePasswordAsync function.
In the Web Api, I updated the TokenValidationParameters to have the new ROPC policy as the new AuthenticationType but that does not work either.