AADB2C90304: User journey went into a bad state. Claims exchange with id 'LocalAccountSigninEmailExchange' could not be found in orchestration step '2'.
Piyumi Nadeeshani
Hi,
I am creating users using the Microsoft Graph API as follows:

    // Requires the Azure.Identity, Microsoft.Graph and Microsoft.Graph.Models namespaces.
    // Local account with an email sign-in identity; the password must be changed at next sign-in.
    var userToAddToAAD = new User
    {
        AccountEnabled = true,
        DisplayName = $"{firstName} {lastName}",
        MailNickname = $"{firstName}{lastName[0]}",
        PasswordProfile = new PasswordProfile
        {
            ForceChangePasswordNextSignIn = true,
            Password = password
        },
        Identities = new List<ObjectIdentity>
        {
            new ObjectIdentity
            {
                SignInType = "emailAddress",
                Issuer = _issuer,
                IssuerAssignedId = emailAddress,
            }
        }
    };

    // App-only Graph client using the client credentials flow.
    var scopes = new[] { "https://graph.microsoft.com/.default" };
    var clientSecretCredential = new ClientSecretCredential(_tenantId, _testboltDevClientApiClientId, _testboltDevClientApiClientSecret);
    var graphClient = new GraphServiceClient(clientSecretCredential, scopes);

    // Create the user in the tenant.
    var newUser = await graphClient.Users.PostAsync(userToAddToAAD);

After a new user signs in, I have to enable the reset password flow. To do that, I have created custom policies as follows.
With this, when the user signs in, I was able to redirect to password reset, and then the user can update the password. But after that I am getting the following error.
I need a solution for this. Can someone help me to solve this?