Azure B2C sign up other users

Magnus Nilsson 1 Reputation point
2022-01-14T12:25:47.29+00:00

We are using Azure B2C in a new web app. Self sign up and sign in is working just fine. Now we want a flow to add new users without having to verify the e-mail or entering a password. The use case is that a super-user will add new logins for other people to be able to assign app specific credentials to the users before their first login. Before the first login we need those users to run the default flow for password reset.

I was able to create a policy for adding users without verifying the e-mail address and without specifying the password (it is auto-generated behind the scenes) with inspiration from https://stackoverflow.com/questions/57578042/azure-b2c-passwordless-sign-up-with-only-email-in-custom-policy and https://learn.microsoft.com/en-us/azure/active-directory-b2c/string-transformations. The newly created account works as expected. However, when running the reset password flow it says "Your account has been locked. Contact your support person to unlock it, then try again." when I hit Continue after e-mail verification. Resetting the password for users created with the default sign up/sign in flow is working just fine. I have also tried adding a new custom password reset policy without success.

Any ideas what might be wrong or how I should troubleshoot this?


2 answers

  1. James Hamil 21,851 Reputation points Microsoft Employee
    2022-01-15T00:02:15.143+00:00

    Hi @Magnus Nilsson , this may have something to do with your lock-out policies. From this document that references password policies, I would look into what you have set. You mentioned you already tried a reset policy, were you getting an error?


  2. Magnus Nilsson 1 Reputation point
    2022-01-18T07:19:50.5+00:00

    I GOT IT WORKING!

    The problem was that in the guide from Stack Overflow they reused and modified the technical profile LocalAccountSignUpWithLogonEmail. If I kept that untouched, made a copy of it, gave the copy a new name, modified it to my liking and used that in my user journey it worked as intended.

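
A check for the situation described in the last answer, as an added example that is not part of the original thread: it lists base technical profile Ids that an extension policy redefines, together with every user journey that references them directly and therefore picks up the modified profile. The policy snippets are constructed and heavily trimmed, and the names `AdminCreateUser` and `AdminCreateLocalAccount` are hypothetical.

```python
import xml.etree.ElementTree as ET

# XML namespace of Azure AD B2C custom policy (TrustFrameworkPolicy) files.
NS = {"p": "http://schemas.microsoft.com/online/cpim/schemas/2013/06"}

# Constructed, heavily trimmed policy skeleton; real files carry many more elements.
SKELETON = """<TrustFrameworkPolicy xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <ClaimsProviders><ClaimsProvider><TechnicalProfiles>{profiles}</TechnicalProfiles></ClaimsProvider></ClaimsProviders>
  <UserJourneys>{journeys}</UserJourneys>
</TrustFrameworkPolicy>"""

def profile(pid):
    return '<TechnicalProfile Id="%s"/>' % pid

def journey(jid, pid):
    return ('<UserJourney Id="%s"><OrchestrationSteps><OrchestrationStep><ClaimsExchanges>'
            '<ClaimsExchange Id="x" TechnicalProfileReferenceId="%s"/>'
            '</ClaimsExchanges></OrchestrationStep></OrchestrationSteps></UserJourney>' % (jid, pid))

BASE = SKELETON.format(
    profiles=profile("LocalAccountSignUpWithLogonEmail") + profile("LocalAccountDiscoveryUsingEmailAddress"),
    journeys=journey("SignUpOrSignIn", "LocalAccountSignUpWithLogonEmail")
             + journey("PasswordReset", "LocalAccountDiscoveryUsingEmailAddress"))
# Extension that edits the base profile in place (hypothetical journey name).
EXT_IN_PLACE = SKELETON.format(
    profiles=profile("LocalAccountSignUpWithLogonEmail"),
    journeys=journey("AdminCreateUser", "LocalAccountSignUpWithLogonEmail"))
# Extension that uses a renamed copy instead (hypothetical profile name).
EXT_COPY = SKELETON.format(
    profiles=profile("AdminCreateLocalAccount"),
    journeys=journey("AdminCreateUser", "AdminCreateLocalAccount"))

def profile_ids(xml_text):
    root = ET.fromstring(xml_text)
    return {tp.get("Id") for tp in root.iterfind(".//p:TechnicalProfile", NS) if tp.get("Id")}

def journeys_by_profile(*xml_texts):
    """Map profile Id -> journeys that reference it directly in a ClaimsExchange."""
    refs = {}
    for text in xml_texts:
        for uj in ET.fromstring(text).iterfind(".//p:UserJourney", NS):
            for ce in uj.iterfind(".//p:ClaimsExchange", NS):
                refs.setdefault(ce.get("TechnicalProfileReferenceId"), set()).add(uj.get("Id"))
    return refs

def redefined_profiles(base_xml, ext_xml):
    """Base profile Ids the extension redefines, with the journeys that use them."""
    refs = journeys_by_profile(base_xml, ext_xml)
    shared = profile_ids(base_xml) & profile_ids(ext_xml)
    return {pid: sorted(refs.get(pid, ())) for pid in sorted(shared)}
```

An empty result for the renamed copy means the base profile is left untouched; indirect references (for example through validation technical profiles) are not followed by this check.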