@Alex B The method you are following for schema extension (https://learn.microsoft.com/en-us/previous-versions/azure/ad/graph/howto/azure-ad-graph-api-directory-schema-extensions) creates the attribute in Azure AD, but the result will not show up in the portal, because the B2C service itself tracks it rather than looking at the directory. If you create the attribute again under B2C > User Attributes with the same name, then B2C will reconcile it and show it in the portal. But as of now, it is not possible to programmatically create a User Attribute that will show up in the portal.
To answer your second question, schema extension is done under the user context, and the account must have the Directory.AccessAsUser.All permission. Although we use the Object ID of the application during this process, the application doesn't need to be authenticated using a client secret or certificate.