Azure AD B2C with custom policies: Unable to authenticate user with temporary password
The most common reason for this that Grant Permissions has not been executed.
On the "ProxyIdentityExperienceFramework application" -> after selecting the checkbox for Access IdentityExperienceFramework -> clicking on Select and hitting Done, you must also complete the next step:
Select Grant Permissions, and then confirm by selecting Yes.
Edit:
Sorry, after reading your situation carefully, both a "sign-up or sign-in policy" or "custom policy" do not support the Azure Active Directory forceChangePasswordNextLogin
flag. (forceChangePasswordNextLogin
will only work with a "sign-up policy") There is a feature request tracking this here.