Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invoke password reset policy for local users #2324

Closed
WenningQiu opened this issue Jul 12, 2023 · 3 comments
Closed

Invoke password reset policy for local users #2324

WenningQiu opened this issue Jul 12, 2023 · 3 comments
Labels
b2c

Comments

@WenningQiu
Copy link

I am using Microsoft.Identity.Web and Microsoft.Identity.Web.UI (2.11.1) on Azure AD B2C but run into some issue when testing password reset on local accounts. I am not able to reset the password when clicking "Forgot your password":

image

image

This is the HTTP message trace for the interaction above: ResetPassword.har.zip

The custom policies are based on LocalAccounts policies in the starter pack with just the tenant name and policy names adjusted:
LocalAccountPolicies.zip

Below is the appsettings.json section:

  "LocalAccount": {
    "Instance": "https://csgb2cdev.b2clogin.com",
    "TenantId": "2d3c6047-afa5-441b-8282-314f6dfe18d4",
    "Domain": "csgb2cdev.onmicrosoft.com",
    "ClientId": "57bb9b2e-d770-4fa7-9323-89d4c0642663",
    "ClientSecret": "xxxxTuSPcYp",
    "EditProfilePolicyId": "B2C_1A_LOCALACCOUNT_PROFILEEDIT",
    "ResetPasswordPolicyId": "B2C_1A_LOCALACCOUNT_PASSWORDRESET",
    "SignUpSignInPolicyId": "B2C_1A_LOCALACCOUNT_SIGNUP_SIGNIN",
    "CallbackPath": "/local-signin-oidc",
    "SignedOutCallbackPath": "/local-signout-callback-oidc"
  },

I appreciate suggestions on how to get around the issue.
@michiproep
Copy link

@WenningQiu
You are using a policy without embedded password reset flow. In this case you either want to switch to an embedded pwrFlow or handle the specific "authentication failed" exception and send the user to your password reset policy yourself.

@WenningQiu
Copy link
Author

WenningQiu commented Jul 18, 2023
edited

@michiproep Thanks for the suggestions. It turned out user flow is much easier to use on local accounts.

@jennyf19
Copy link
Collaborator

Is the issue resolved @WenningQiu ? Going to close, but please re-open if that's not the case.

@jennyf19 jennyf19 added the b2c label Nov 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
b2c
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@WenningQiu @michiproep @jennyf19