Would be good to have access_token as well, in case more user properties are needed. I.e.: the schema can be customized and the application may need to read values for custom user properties as well. And of course, acces_token can be configured to do other things, so without it, it's only part useful.
Another thing is that this authentication approach is still using the old method, without BFF. And BFF is the current best practice, so Microsoft (and others) would probably start breaking this old solution.
BFF can probably be implemented in XData, but before anyone starts reinventing that same bicycle over and over, do you have any plans to develop any kind of BFF component or something to cover for this?