I'm trying to force a password reset after the first logon (in Azure AD B2C) using Custom Policies as explained here. I'm able to log in and get a proper JWT token, but I didn't manage to get it to work. I followed different paths:

  1. I tried to merge the XML files (taken from the GitHub repo) with the ones taken from the "SocialAndLocalAccounts starter pack" (as suggested in the readme.md)
  2. I found this thread and I tried to apply all the suggested solutions (e.g.: copy-and-paste the XML config file or set forceChangePasswordNextSignIn to true)
  3. I know that Microsoft created a new scenario which lets the user reset his password, but this feature is currently only available for User Flows (and I would like to use the "Custom Policies").
  4. I tried to change the extension_00000000000000000000000000000000_mustResetPassword and set it to true (where the zeros are the clientId of the b2c extension app)

The behaviour that I expect from the procedure is: when a new user logs in for the first time, a "change password page" should be displayed and the three fields "Old Password", "New Password", "Confirm Password" should be prompted.

At the moment, when a new user writes the (correct) username and password and logs into the service for the first time, no "change password page" is displayed.

Do you have the same issues? How did you solve it? Thanks for your time. Bye

brian enno
  • Do not set forceChangePasswordNextSignIn:True. Leave it set to False. You don’t actually describe your observation, what does it mean “it doesn’t work” - what do you observe and what do you expect? – Jas Suri - MSFT May 20 '21 at 11:22
  • I updated the question with more information. Is a full working example with custom policies available? – brian enno May 20 '21 at 13:15
  • The solution in your first link is the entire end to end working sample. Likely there is an issue with your extension attribute, or user journey. You should find your expected behaviour if the extension attribute is set to true during a sign in. Make sure your signUporSignIn.xml references the correct defaultUserJourney: SignUpOrSignInWithForcePasswordReset – Jas Suri - MSFT May 20 '21 at 14:32
  • Hi Jas Suri, I started over from scratch and, thanks to the "SocialAndLocalAccounts starter pack" example repository, I was able to get a cleaner solution. But I still have a couple of problems. I created a new question here: https://stackoverflow.com/questions/67678365/azure-ad-b2c-errors-during-reset-password-at-the-first-logon-using-custom-polic if you have time, please can you give me some new suggestions? Thank you. PS: Maybe I think I can close the current question. – brian enno May 24 '21 at 20:12

0 Answers