question

Pepper asked RakeshJagatap-4451 commented

AzureB2C userflow "password reset" does two times code verification

Hello,
some months ago I created an AzureB2C tenant for my iOS app. I used the recommended user flow for the password reset, which works fine.

Now I created a new AzureB2C tenant and configured it the same way I did the first time (at least I think so). But now, if I execute the password reset user flow, it does the account verification via code two times before the user is able to enter his new password. The question is, why is that? The first tenant still only does the account verification one time.

What is wrong here? I cannot find any difference in the configuration between the two tenants. The only difference is the creation date. Is that a bug in AzureB2C?

Thanks for any help
Karin

azure-ad-b2c

Hi, can you please mark your own answer as answered? Doing so helps others find answers to their questions.

ARZhost-com answered Pepper commented

Step 1: Setup Azure Active Directory B2C as OAuth Provider

  • Sign in to Azure Portal.

  • Go to Home and in the Azure services, select Azure AD B2C.

  • Please make sure you are in the Azure AD B2C directory with an active subscription and if not, you can switch to the correct directory.

Step 2: Password Reset Policy Flow

  • Go to the User Flows tab in the left corner under Policies and then click on New user flow.

  • From Select a User flow type, select Password Reset.

  • From version, select recommended then click on Create button.

  • Enter a unique name for the creation of policy.

  • Enable Reset password using email address and then click on Create button.

  • After successful policy creation, you will be redirected to the newly created policy’s overview page. If not, you can go to the user flows and search the name of your policy and you will find your policy in the list.

  • Copy the policy name.

  • Paste the Policy name in Reset Password Policy to reset your Azure AD B2C password.

Step 3: Steps to Reset your Azure AD B2C Account’s Password

  • If you forget your Azure AD B2C account’s password but want to perform SSO using Azure AD B2C or test configuration, click on Forget your password in the sign-in page of Azure AD B2C.

  • Enter the email address which you used to create the Azure AD B2C user, then click on Send verification code.

  • Verification code will be sent to the entered email address.

  • Copy and paste the verification code and click on Verify code.

  • When the entered code is verified, click on Continue.

  • Now you can reset password and use it for further purposes.


I can't speak for the Original Poster, but I experienced the same problem that the OP described (I was asked to verify my email address twice in a row) when using the "Self-service password reset" functionality that is built in to the "Sign in (Recommended)" User flow (not a "Password reset" user flow).

But it didn't happen consistently when I tested it again. It appears to be a bug.

Pepper JonathanElkin-2749 ·

Hello Jonathan,
unfortunately I have not activated the option "Self-service password reset" in the "Sign in" user flow. Nevertheless, when I test the password-reset user flow by using the button "Run user flow", I'm asked to verify the email address twice in a row.
The funny thing is that I have an older AzureB2C instance with the same config where this problem never happens.

So I have no idea what is going wrong here :(


Hello ARZhost-com

unfortunately I have no idea what you are trying to tell me. I know how to create a Reset Password Policy so what is your point? Could you please clarify it a bit?

Pepper answered Pepper edited

OK, after checking again I found out that if I set the option "MFA enforcement" to "Off", then I'm never asked to do the email verification twice. If "MFA enforcement" is "Conditional" or "Always on", then I'm asked twice in a row to do the email verification. See screenshot.


The funny thing is that within the AzureB2C instance which did work all the time, the option "MFA enforcement" is set to "Conditional" but I'm not asked twice in a row to do the email verification. So this is still a miracle or a really interesting bug in AzureB2C.

