Azure AD B2C Password reset is not working

sharvesh Sathishkumar 1 Reputation point
2021-03-29T06:26:04.2+00:00

After resetting the user password, the B2C login page is not redirecting to the change password screen. It was working earlier.

Steps to reproduce:

1. Reset the user's password via the Azure portal.
2. Log in using the temporary password.
3. The login screen shows the "Your password has expired." error message instead of redirecting to the "Update expired password page".


2 answers

  1. AmanpreetSingh-MSFT 56,306 Reputation points
    2021-07-20T15:22:13.84+00:00

    Hi @Dan Lesko · Thank you for reaching out.

    The behavior I have mentioned above is now changed. You can now configure User Flows to allow resetting a temporary password. So, you no longer need to use the above Graph call. Below are the steps for your reference:

    1. Sign in to the Azure portal.
    2. Select the Directory + Subscription icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.
    3. In the Azure portal, search for and select Azure AD B2C.
    4. Select User flows.
    5. Select the sign-up and sign-in, or sign-in user flow (of type Recommended) that you want to customize.
    6. In the left menu under Settings, select Properties.
    7. Under Password configuration, select Forced password reset.
    8. Select Save.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

  2. AmanpreetSingh-MSFT 56,306 Reputation points
    2021-03-30T08:14:45.227+00:00

    Hello @sharvesh Sathishkumar · Thank you for reaching out.

    This behavior is expected. When you reset the password using the Azure Portal, the temporary password generated is marked as expired. The Azure AD B2C Signup/Signin User Flow doesn't include the functionality to provide a change password screen when the password is marked as expired. If you sign in to the Azure Portal with the temporary password, it will provide you with the option to change the password. The new password won't be marked as expired and can be used to sign in via the B2C User Flow.

    The supported way of resetting users' passwords in Azure AD B2C is by using the Password Reset User flow.

    Or sign in to Graph Explorer using a Global Admin of the B2C tenant added as a Member (NOT Guest) and use the call below:

    ```
    PATCH https://graph.microsoft.com/beta/users/OBJECT_ID_OF_THE_USER

    Body:
    {
      "passwordProfile": {
        "password": "Passw0rd33333",
        "forceChangePasswordNextSignIn": true
      }
    }
    ```
    

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
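
The Graph call from the answer above, as an added example that is not part of the original answers or Microsoft's code: it builds the same PATCH request but generates a random temporary password instead of reusing a fixed one, and accepts the object ID only if it parses as a GUID. The function names, symbol set, password length and token placeholder are assumptions; the request is built but never sent.

```python
import json
import secrets
import string
import urllib.request
import uuid

GRAPH_USERS_URL = "https://graph.microsoft.com/beta/users/"  # endpoint from the answer
SYMBOLS = "!@#$%^&*-_=+"  # assumed symbol set; adjust to your tenant's password policy


def generate_temp_password(length=16):
    """Random temporary password with at least one character from each class."""
    if length < 8:
        raise ValueError("temporary password too short")
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]
    chars = [secrets.choice(c) for c in classes]
    alphabet = "".join(classes)
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    secrets.SystemRandom().shuffle(chars)  # avoid a predictable class order
    return "".join(chars)


def build_force_reset_request(object_id, access_token, temp_password=None):
    """Build (not send) the PATCH that forces a password change at next sign-in."""
    # Reject anything that is not a GUID so the value cannot alter the URL path.
    user_id = str(uuid.UUID(object_id))
    temp_password = temp_password or generate_temp_password()
    body = {
        "passwordProfile": {
            "password": temp_password,
            "forceChangePasswordNextSignIn": True,
        }
    }
    req = urllib.request.Request(
        GRAPH_USERS_URL + user_id,
        data=json.dumps(body).encode("utf-8"),
        method="PATCH",
        headers={
            "Authorization": "Bearer " + access_token,
            "Content-Type": "application/json",
        },
    )
    return req, temp_password


if __name__ == "__main__":
    # Constructed sample values; nothing is sent over the network.
    req, _ = build_force_reset_request(
        "00000000-0000-0000-0000-000000000000", "ACCESS_TOKEN_PLACEHOLDER")
    print(req.get_method(), req.full_url)
```

Per the newer answer on this page, the sign-in user flow needs Forced password reset enabled for the change-password screen to appear after this call.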