question

LuisitoComunica-0455 avatar image
1 Vote"
LuisitoComunica-0455 asked MichaCzerwiski-9869 commented

Why is Azure AD B2C Password Reset flow throwing different error code than in documentation

Azure AD B2C is throwing a different error code when the user clicks forgot password link than documented.

I'm using Azure B2C and implementing password reset. I'm using the password reset user flow to handle this, and the Sign up and sign in user flow for login.

The documentation says that when the user clicks the 'Forgot password' link, it should throw this error code: AADB2C90118 as shown in the image:
182966-image.png

And according to the official Azure B2C error codes documentation, the error AADB2C90118 means:

The user has forgotten their password.

Which is the expected error code, but when using Phone/Email signup in local accounts in the Sign up and sign in user flow (as shown in the image)
182967-image.png

I get a different error code, which is: AADB2C90037, and according to the error codes documentation, the error AADB2C90037 means:

An error occurred while processing the request. Please contact administrator of the site you are trying to access.

Which is not the error code that it should be throwing. Why, when using Phone/Email signup, B2C throws a different error code? Why does it throws a generic error code instead of the forgot password error code? Am I doing something wrong?


azure-ad-b2c
image.png (42.1 KiB)
image.png (51.0 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @LuisitoComunica-0455,

Thanks for reaching out.

I tried to reproduce the above scenario in my lab and getting the same error codes as mentioned by you.
I reached out to the product team to bring this to their attention. I will revert you once I hear from them.


Thanks,
Shweta

0 Votes 0 ·

1 Answer

MichaCzerwiski-9869 avatar image
0 Votes"
MichaCzerwiski-9869 answered MichaCzerwiski-9869 commented

Hi @ShwetaMathur,

Any news on this one? We have exactly the same issue in our app and are interested in what you have learnt from the team.

Cheers,
MC

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I learned that this is indeed a bug and not the error it's supposed to throw. I handled both error codes as the reset password error code (not good since the user might actually encounter a generic error and will be thrown to the reset password screen).

I eventually switched to custom policies due to some requirements in my project so I don't know if things have changed in regards to this issue

0 Votes 0 ·

Thanks a lot @LuisitoComunica-0455, I think we will take similar approach in our app. I am only a bit concerned that the code we are getting right now (the wrong one) might be also generated in other scenarios...

0 Votes 0 ·