
There is a problem with an Azure AD B2C custom policy for the password change.

I'm combining User Flows and Custom Policies for Azure AD B2C. Everything works fine: signup, login, reset password, impersonate user. The custom policy for changing the password works fine on the Azure portal when I try the custom policy; however, in the Angular SPA, it returns an error "Invalid username or password."

The key points here are the following:

  • The "Change Password" custom policy - works fine when executing it from the Azure portal.
  • The same policy returns an "Invalid username or password." error with status code 400 when redirected from an Angular SPA (with a logged-in, authenticated user).

The following User Flows work fine: Login, Signup, ResetPassword. Custom policy to Impersonate a user also works fine. The only problem happens when trying to execute the "Change Password" custom policy from a single page application (Angular).

I've used the following base packs for the Custom Policies: https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack

If someone can suggest the possible reasons why this happens or how to investigate it, I would much appreciate it.

1 Answer


You cannot mix and match user flow and custom policies.

For any use case, use either all user flows or all custom policies.

rbrayb
  • Sorry bro, that's a silly answer. What do you mean by saying "can not"? I have just done it exactly this way - custom policies with user flows. Impersonate user works like a charm. Change password also works - but only when executing it from the Azure portal using the "try it" feature. Please, pay attention to my question - User Flows with Custom Policies work fine on the Azure portal. – Semen Shekhovtsov Feb 26 '23 at 21:40
  • https://stackoverflow.com/questions/71929433/azure-b2c-custom-policy-password-change – rbrayb Feb 27 '23 at 03:13