Azure Active Directory B2C: Add Forgot password Link in my custom sign in policy

Karan Shah 6 Reputation points
2021-02-26T06:19:50.63+00:00

I want to add a forgot password link in my custom sign-in policy for local accounts, but I am not able to find any proper documentation for this particular scenario.


2 answers

  1. AmanpreetSingh-MSFT 56,301 Reputation points
    2021-02-26T15:21:05.527+00:00

    Hi @Karan Shah · Thank you for reaching out.

    The Forgot password link is included by default in all the templates of the Custom Policy Starter Pack. If you have already implemented the starter pack, make sure the setting.forgotPasswordLinkLocation Metadata key is NOT present under TechnicalProfile Id="LocalAccountSignUpWithLogonEmail" or TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email" as mentioned below:

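    <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
        ...
        <Metadata>
            <!-- With the value None, this item removes the forgot password link -->
            <Item Key="setting.forgotPasswordLinkLocation">None</Item>
        </Metadata>
        ...
    </TechnicalProfile>
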

    setting.forgotPasswordLinkLocation : Displays the forgot password link. Possible values: AfterLabel (default) displays the link directly after the label or after the password input field when there is no label, AfterInput displays the link after the password input field, AfterButtons displays the link on the bottom of the form after the buttons, or None removes the forgot password link.

    Read more: https://learn.microsoft.com/en-us/azure/active-directory-b2c/self-asserted-technical-profile

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


  2. AmanpreetSingh-MSFT 56,301 Reputation points
    2021-03-02T12:28:06.607+00:00

    Hi @Karan Shah · You need to specify unifiedssp:1.2.0 under <ContentDefinition Id="api.signuporsignin"> because the forgot your password link appears on the combined Signup/Sign in page or the Sign in only page, the content of which is populated by api.signuporsignin, and the DataUri for that should end with unifiedssp:1.2.0. The page contract selfasserted:1.2.0 should be used for pages that gather information from the users, e.g., api.selfasserted, api.selfasserted.profileupdate, api.localaccountsignup, and api.localaccountpasswordreset.

    Below is the XML snippet of which DataUri should be specified under which ContentDefinition Id for your reference.

    <ContentDefinitions>  
      <ContentDefinition Id="api.error">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.idpselections">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.idpselections.signup">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.signuporsignin">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.selfasserted">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.selfasserted.profileupdate">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.localaccountsignup">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.localaccountpasswordreset">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>  
      </ContentDefinition>  
      <ContentDefinition Id="api.phonefactor">  
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.0</DataUri>  
      </ContentDefinition>  
    </ContentDefinitions>  
    

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

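The two conditions named in the answers above can be checked before a policy file is uploaded. The following is an added example, not part of the original answers or of the starter pack; the function name `check_forgot_password_link` and the abbreviated sample policy are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed, abbreviated sample policy (not from the thread): one profile hides
# the link, and api.signuporsignin points at the selfasserted page contract.
SAMPLE_POLICY = """<TrustFrameworkPolicy xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <BuildingBlocks>
    <ContentDefinitions>
      <ContentDefinition Id="api.signuporsignin">
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>
      </ContentDefinition>
      <ContentDefinition Id="api.localaccountpasswordreset">
        <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>
      </ContentDefinition>
    </ContentDefinitions>
  </BuildingBlocks>
  <ClaimsProviders><ClaimsProvider><TechnicalProfiles>
    <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
      <Metadata>
        <Item Key="setting.forgotPasswordLinkLocation">None</Item>
      </Metadata>
    </TechnicalProfile>
  </TechnicalProfiles></ClaimsProvider></ClaimsProviders>
</TrustFrameworkPolicy>"""

def local(tag):
    """Element name without its XML namespace prefix."""
    return tag.rsplit("}", 1)[-1]

def check_forgot_password_link(policy_xml):
    """Return findings that would keep the forgot password link off the sign-in page."""
    findings = []
    for el in ET.fromstring(policy_xml).iter():
        if local(el.tag) == "TechnicalProfile":
            for item in el.iter():
                if (local(item.tag) == "Item"
                        and item.get("Key") == "setting.forgotPasswordLinkLocation"
                        and (item.text or "").strip() == "None"):
                    findings.append(f"{el.get('Id')}: forgotPasswordLinkLocation is None")
        elif local(el.tag) == "ContentDefinition" and el.get("Id") == "api.signuporsignin":
            uris = [(c.text or "").strip() for c in el if local(c.tag) == "DataUri"]
            if not any(u.endswith(":unifiedssp:1.2.0") for u in uris):
                findings.append(f"api.signuporsignin: DataUri is {uris}, expected unifiedssp:1.2.0")
    return findings

if __name__ == "__main__":
    for finding in check_forgot_password_link(SAMPLE_POLICY):
        print(finding)
```

Element names are matched without their namespace, so the same check runs on the base, extensions, and relying party files.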