This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 6%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKG%3C/text%3E%3C/svg%3E)
Flow in my B2C Custom Policy
Issue
When the user enroll in the MFA with their phone number, the phone number gets added into the Authentication contact info and the email address is removed. I need to keep the email address as it is needed for the 'Forgot password flow'.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi Kevin Guan,
I believe that this is due to a limitation with local accounts that have the combined sign-in methods, but I have reached out to the product team to confirm.
The email should appear if SSPR is enabled for that option. You can make sure that it is enabled by going to Azure Active Directory > Password Reset > Self-service password reset > (All or Selected) and then going to Password Reset > Authentication Methods > Check the email and phone number options.
However, the issue is likely due to the fact that (last I checked) the ability to reset passwords only applies to local accounts in Azure Active Directory B2C that do not have combined sign-in methods. So you can only reset your password if you signed up using an email address or a username with a password for sign-in but not Email Address + Phone. This issue has been reported to the product team and they are working on a fix for it. I will get back to you if I hear an update from them.
If the user flow uses a combined local account and the users need to reset their passwords, the workaround is that admins can reset the users' passwords through forced password reset. Users cannot use "Forgot Your Password?" as self-service password is not available. If the userflow needs both SSPR and FPR, I believe that the userflow needs to change the local account type to "Phone" or "Email" only. This means that if you want your users to use SSPR, you will need to enforce that the users all use either phone or email.
If the user has Signed up using email then it will have signInNames.emailAddress and if via phone then you will have signInNames.phoneNumber
Adding the email or phone in the authentication method will not update the signInNames.emailAddress or signInNames.phoneNumber
The signInType for local accounts can be emailAddress or userName.
Let me know if this helps clarify or if you have further questions. I will let you know if I hear an update from the product team as well.
Hi Kevin Guan,
Update from the product team after confirming:
There is indeed a limitation with local accounts that have the combined sign-in methods and there is an open work item to resolve this. The ability to reset passwords only applies to local accounts that do not have combined sign-in methods (i.e. Email + Phone).
Let me know if you have further questions though. I'll be happy to relay feedback to the product team on your behalf.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 85%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFU%3C/text%3E%3C/svg%3E)
Hello, is there any progress on this? I'm facing the same issue.