AzureB2C userflow "password reset" does two times code verification

Pepper 16 Reputation points
2021-08-12T08:44:01.327+00:00

Hello
Some months ago I created an AzureB2C tenant for my iOS app. I used the recommended user flow for the password reset, which works fine.

Now I created a new AzureB2C tenant and configured it the same way I did the first time (at least I think so). But now if I execute the password reset user flow, it does the account verification via code two times before the user is able to enter his new password. The question is, why is that? The first tenant still only does the account verification one time.

What is wrong here? I cannot find any difference in the configuration between the two tenants. The only difference is the creation date. Is that a bug in AzureB2C?

Thanks for any help
Karin

Microsoft Entra External ID

2 answers

  1. Pepper 16 Reputation points
    2021-08-18T21:08:15.983+00:00

    OK, after checking again I found out that if I set the option "MFA enforcement" to "Off" then I'm never asked to do the email verification twice. If "MFA enforcement" is "Conditional" or "Always on" then I'm asked twice in a row to do the email verification. See Screenshot.

    124443-bildschirmfoto-2021-08-18-um-225919.png

    The funny thing is that within the AzureB2C instance which did work all the time, the option "MFA enforcement" is set to "Conditional" but I'm not asked twice in a row to do the email verification. So this is still a miracle or a really interesting bug in AzureB2C.

    2 people found this answer helpful.

  2. ARZhost.com 1 Reputation point
    2021-08-12T08:47:42.41+00:00

    Step 1: Setup Azure Active Directory B2C as OAuth Provider

    • Sign in to Azure Portal.
    • Go to Home and in the Azure services, select Azure AD B2C.
    • Please make sure you are in the Azure AD B2C directory with an active subscription and if not, you can switch to the correct directory.

    Step 2: Password Reset Policy Flow

    • Go to the User Flows tab in the left corner under Policies and then click on New user flow.
    • From Select a User flow type, select Password Reset.
    • From version, select recommended, then click on the Create button.
    • Enter a unique name for the creation of policy.
    • Enable Reset password using email address and then click on the Create button.
    • After successful policy creation, you will be redirected to the newly created policy’s overview page. If not, you can go to the user flows and search the name of your policy and you will find your policy in the list.
    • Copy the policy name.
    • Paste the Policy name in Reset Password Policy to reset your Azure AD B2C password.

    Step 3: Steps to Reset your Azure AD B2C Account’s Password

    • If you forget your Azure AD B2C account’s password but want to perform SSO using Azure AD B2C or test configuration, click on Forget your password on the sign-in page of Azure AD B2C.
    • Enter the email address which you used to create the Azure AD B2C user, then click on Send verification code.
    • A verification code will be sent to the entered email address.
    • Copy and paste the verification code and click on Verify code.
    • When the entered code is verified, click on Continue.
    • Now you can reset password and use it for further purposes.