Converting B2C User flow to Sign-In Only

Question

I currently have an API that allows users to sign in and sign up through a SPA using B2C. I want to change the SPA page from a sign-in/sign-up page to a sign-in only page to limit access. This means administrators will create accounts first and users will reset their password to gain access to the API. My questions are:

1. Will changing the sign-up and sign-in user flow to sign-in only just require changing configuration values throughout the API?
2. What is the best way to create new user accounts, send customers their account details with a one-time use password, and then force them to change their password? Can resetting the password under "Password configuration" and checking "Forced password reset" achieve this?

For reference, I used this tutorial as a base for my API.

Thank you in advance.

Answer 1

Hi @hampton123 , hope I can help with this.

1. Changing the sign-up and sign-in user flow to sign-in only will require updating the configuration values in your API. You can modify the user flow (policy) in your Azure AD B2C tenant to achieve this.
2. You can do this through the Portal or Graph API if you want to create these yourself. And then yes, you would check "Forced password reset."

Please let me know if you have any questions and I can help you further.

If this answer helps you please mark "Accept Answer" so other users can reference it.

Thank you,

James