question

VikasTiwari-2263 avatar image
0 Votes"
VikasTiwari-2263 asked VikasTiwari-2263 commented

B2C Customize Password Complexity Through Custom API

Hi @amanpreetsingh-msft,

I wanted to check if following scenario supported in B2C:

I wanted to call custom API from password reset policy that can send user password to API, so that we can maintain user password history on our end and can implement custom password complexity requirements those are not OOTB in b2c (i.e. enforcing password history not supported in B2C).

I wanted to know is there any way to get password which user is entering and pass it to custom API for further processing and checks? I checked documentation but didn't find it anywhere.

I appreciate if you can help here.

Thanks,
Vikas Tiwari

azure-ad-b2c
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered VikasTiwari-2263 commented

Hi @VikasTiwari-2263 · Thank you for reaching out.

Yes, B2C doesn't support Password History requirements out of box. You may refer to this GitHub repo to implement it via custom policy using REST Technical Profile and Key Vault to maintain and validate password history requirement.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

VikasTiwari-2263 avatar image VikasTiwari-2263 ·

Thanks @amanpreetsingh-msft I will take a look and try at my end. I will let you know if I have any further question on this.

0 Votes 0 ·