sharveshSathishkumar-2703 asked EricSoonius commented

Azure AD B2C Password reset is not working

After resetting the user's password, the B2C login page does not redirect to the change password screen. It was working earlier.

Steps to reproduce:

  1. Reset the user's password via the Azure portal.

  2. Log in using the temporary password.

  3. The login screen shows the "Your password has expired." error message instead of redirecting to the "Update expired password page".

amanpreetsingh-msft answered EricSoonius commented

Hi @DanLesko-0678 · Thank you for reaching out.

The behavior I have mentioned above has now changed. You can now configure User Flows to allow resetting a temporary password. So, you no longer need to use the above Graph call. Below are the steps for your reference:

  1. Sign in to the Azure portal.

  2. Select the Directory + Subscription icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.

  3. In the Azure portal, search for and select Azure AD B2C.

  4. Select User flows.

  5. Select the sign-up and sign-in, or sign-in user flow (of type Recommended) that you want to customize.

  6. In the left menu under Settings, select Properties.

  7. Under Password configuration, select Forced password reset.

  8. Select Save.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


Hi @amanpreetsingh-msft,

Is the resetting of a temporary password now also supported by flows created with Identity Experience Framework? If so, do you have an example?

amanpreetsingh-msft answered DanLesko-0678 commented

Hello @sharveshSathishkumar-2703 · Thank you for reaching out.

This behavior is expected. When you reset the password using the Azure Portal, the temporary password generated is marked as expired. The Azure AD B2C Signup/Signin User Flow doesn't include the functionality to provide a change password screen when the password is marked as expired. If you sign in to the Azure Portal with the temporary password, it will provide you with the option to change the password. The new password won't be marked as expired and can be used to sign in via the B2C User Flow.

The supported way of resetting users' passwords in Azure AD B2C is by using the Password Reset User flow.

Or sign in to Graph Explorer using a Global Admin of the B2C tenant added as a Member (NOT Guest) and use the call below:

    PATCH https://graph.microsoft.com/beta/users/OBJECT_ID_OF_THE_USER

    Body:
    {
      "passwordProfile": {
        "password": "Passw0rd33333",
        "forceChangePasswordNextSignIn": true
      }
    }

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
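
The Graph call from the answer above as a script, added here as an example and not code posted by anyone in this thread: it generates a random temporary password instead of reusing a fixed literal and checks that the object ID is a GUID before placing it in the URL. The names `temp_password` and `build_reset_request`, the all-zero object ID and the token placeholder are assumptions; obtaining a token with the required consent is outside the example.

```python
import json
import re
import secrets
import string
import urllib.request

GRAPH_USERS = "https://graph.microsoft.com/beta/users/"  # endpoint from the answer
GUID_RE = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, "!@#$%^&*-_")


def temp_password(length=16):
    """Random one-time password with at least one character from each class."""
    if length < len(CLASSES):
        raise ValueError("length too short to cover every character class")
    rng = secrets.SystemRandom()  # OS CSPRNG, not the default Mersenne Twister
    chars = [rng.choice(c) for c in CLASSES]
    chars += [rng.choice("".join(CLASSES)) for _ in range(length - len(CLASSES))]
    rng.shuffle(chars)
    return "".join(chars)


def build_reset_request(object_id, access_token, password=None):
    """Build (but do not send) the PATCH that sets a temporary password."""
    if not GUID_RE.fullmatch(object_id):
        raise ValueError("object_id must be the user's object ID (a GUID)")
    body = {
        "passwordProfile": {
            "password": password or temp_password(),
            "forceChangePasswordNextSignIn": True,
        }
    }
    return urllib.request.Request(
        GRAPH_USERS + object_id,
        data=json.dumps(body).encode("utf-8"),
        method="PATCH",
        headers={
            "Authorization": "Bearer " + access_token,
            "Content-Type": "application/json",
        },
    )


if __name__ == "__main__":
    # Constructed sample values: placeholder object ID and token, nothing is sent.
    req = build_reset_request("00000000-0000-0000-0000-000000000000", "ACCESS_TOKEN_PLACEHOLDER")
    print(req.get_method(), req.full_url)
```

Passing the returned request to `urllib.request.urlopen` sends it; the generated password then has to reach the user over a separate channel.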


Hi @sharveshSathishkumar-2703 · Just checking if you had a chance to test it out.


Hi @amanpreetsingh-msft, I was having similar issues and have attempted to use the Graph Explorer solution that you described. However, I am getting the following error:

Forbidden - 403 - 180ms. You need to consent to the permissions on the Modify permissions (Preview) tab

When I navigate to the permissions tab, there are no options displayed. What would you suggest as next steps to reset a B2C account password using Microsoft Graph?
