You can refer to the custom claims documentation here - JSON Web Token Claims
If the caller (the client application) and the microservice, which is an API, are both in the same domain and controlled by your team, then it is fine to access them using either id_token or access_token, though access_token is recommended.
When any third party is involved, it is recommended to use an access_token with less user information.
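An added example, not part of the original answer: it shows what a receiving API learns from each token type, namely whether the token names that API as its audience and which user profile claims it exposes. The key, issuer, audience, client id, claim values and function names are all constructed assumptions, and HS256 with a shared key stands in for whatever signing your identity provider actually uses.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"            # assumption: shared HS256 key for the demo
API_AUDIENCE = "https://orders.example"  # assumption: identifier of the microservice
CLIENT_ID = "spa-client-123"             # assumption: the client application's id
PROFILE_CLAIMS = {"name", "email", "picture", "phone_number", "address", "birthdate"}

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_token(claims: dict) -> str:
    """Build a constructed HS256 JWT for the demo."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def verify(token: str) -> dict:
    """Check the HS256 signature (algorithm pinned) and return the claims."""
    head, body, sig = token.split(".")
    if json.loads(b64d(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    want = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, b64d(sig)):
        raise ValueError("bad signature")
    return json.loads(b64d(body))

def inspect(token: str) -> dict:
    """Report whether this API is the audience and which profile claims it would see."""
    claims = verify(token)
    aud = claims.get("aud")
    auds = aud if isinstance(aud, list) else [aud]  # "aud" may be a string or a list
    return {"for_this_api": API_AUDIENCE in auds,
            "user_info": sorted(claims.keys() & PROFILE_CLAIMS)}

# Constructed sample tokens: the id_token is addressed to the client and carries profile data,
# the access_token is addressed to the API and carries only a subject and scope.
ID_TOKEN = make_token({"iss": "https://idp.example/", "sub": "user|42", "aud": CLIENT_ID,
                       "name": "Ada Example", "email": "ada@example.com"})
ACCESS_TOKEN = make_token({"iss": "https://idp.example/", "sub": "user|42",
                           "aud": API_AUDIENCE, "scope": "read:orders"})

if __name__ == "__main__":
    print("id_token     ->", inspect(ID_TOKEN))
    print("access_token ->", inspect(ACCESS_TOKEN))
```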