This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 27%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
Hi !
I programmed the b2c customized policies and I am currently defining the error messages. However, the login error message displays a message that does not count in the standard messages: https://learn.microsoft.com/en-us/azure/active-directory-b2c/localization-string-ids
The message is: The username or password provided in the request are invalid.
I used the strarter pack policies (local account).
If the credentials are correct, no problems arises.
how can i change this message?
Thanks!!
43483-capture.png
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 88%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJN%3C/text%3E%3C/svg%3E)
Hi,
I was facing the same issue, but you can use the below code in order to solve it
<LocalizedString ElementType="ErrorMessage" StringId="AADB2C90225">#Message</LocalizedString>
Regards!
Hi @Miguel Gregório · Thank you for sharing the required information.
By investigating into it, I found the error occurs only when the policy is configured with ROPC flow. There is an open ticket regarding this issue with the product team.
As of now, you can try removing <Item Key="grant_type">password</Item> from <TechnicalProfile Id="login-NonInteractive">. As long as, the first OrchestrationStep in an ROPC user journey is the ClaimsExchange with the ROPC technical profile, it should be absolutely fine to remove it.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Thanks!!!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 77%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Issue still exists on my side. Same setup, following basic tutorial:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy
Hi @Miguel Gregório · Thank you for reaching out.
Below is an example to customize this message:
<LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfClaimsPrincipalDoesNotExist">El nombre de usuario o la contraseña proporcionados en la solicitud no son válidos.</LocalizedString>
<LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfInvalidPassword">El nombre de usuario o la contraseña proporcionados en la solicitud no son válidos.</LocalizedString>
With above parameters, in case of both invalid username and invalid password, it will return same message, which is "The username or password provided in the request are invalid." in spanish (you can configure your own language or custom message).
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
thanks @AmanpreetSingh-MSFT , but the message I receive ("The username or password provided in the request are invalid.") does not match any of the string ids you sent me.
the "UserMessageIfClaimsPrincipalDoesNotExist" corresponds to "We can't seem to find your account."
and "UserMessageIfInvalidPassword" corresponds to "Your password is incorrect.".
thanks!
Hi @Miguel Gregório · As per the documentation, the error doesn't map to any of the built-in string IDs. The closest are the two, that I have shared above. Could you please try using these and let me know if that helps changing the message. If yes, I will update the documentation, else, I will check with product team on this and let you know.
Hi !
I used the following LocalizedStrings:
I used difrent messages in "UserMessageIfClaimsPrincipalDoesNotExist" and "UserMessageIfInvalidPassword"to detect which message is displayed.
But i get the same error message: "The username or password provided in the request are invalid."
the picture: 
Hi @Miguel Gregório · Thank you for the confirmation. I will check and let you know.
@Miguel Gregório · Could you please share complete login-NonInteractive technical profile from your Base file?
yes, sure.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 43%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
Hi,
Just to confirm, I'm facing the same issue. I can localise all other messages but not the one above. after searching the ms. docs, found the error in following link:
"Error codes: Azure Active Directory B2C": https://learn.microsoft.com/en-us/azure/active-directory-b2c/error-codes
check for error code: AADB2C90225 in above page.
I cannot find any way to localise above message.
@Kaveh · Could you please share complete login-NonInteractive technical profile from your Base file?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 7.000000000000001%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWD%3C/text%3E%3C/svg%3E)
@AmanpreetSingh-MSFT Same issue here. We're using a custom Technical Profile, and using a custom form on ContentDefinition "api.signuporsigninwithkmsi":
<UserJourney Id="SignUpOrSignInWithKmsi">
<OrchestrationSteps>
<OrchestrationStep Order="1" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsigninwithkmsi">
<ClaimsProviderSelections>
<ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
</ClaimsProviderSelections>
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Username" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="2" Type="ClaimsExchange">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
<Value>objectId</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsExchanges>
<ClaimsExchange Id="SignUpWithLogonEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignup-Username" />
</ClaimsExchanges>
</OrchestrationStep>
<!-- This step reads any user attributes that we may not have received when in the token. -->
<OrchestrationStep Order="3" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="AADUserReadWithObjectId" TechnicalProfileReferenceId="AAD-UserReadUsingObjectId" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
</OrchestrationSteps>
<ClientDefinition ReferenceId="DefaultWeb" />
</UserJourney>
Technical profile:
<TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Username">
<DisplayName>Local Account Signin</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="SignUpTarget">SignUpWithLogonEmailExchange</Item>
<Item Key="setting.operatingMode">Username</Item>
<Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
</Metadata>
<IncludeInSso>false</IncludeInSso>
<InputClaims>
<InputClaim ClaimTypeReferenceId="signInName" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="signInName" PartnerClaimType="signInNames.userName" Required="true" />
<OutputClaim ClaimTypeReferenceId="password" Required="true" />
<OutputClaim ClaimTypeReferenceId="objectId" />
<OutputClaim ClaimTypeReferenceId="userPrincipalName" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" />
<OutputClaim ClaimTypeReferenceId="extension_Role" />
<OutputClaim ClaimTypeReferenceId="extension_ClientId" />
<OutputClaim ClaimTypeReferenceId="extension_FactoryId" />
<OutputClaim ClaimTypeReferenceId="extension_DepartmentId" />
</OutputClaims>
<ValidationTechnicalProfiles>
<ValidationTechnicalProfile ReferenceId="login-NonInteractive" />
</ValidationTechnicalProfiles>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>
@Wilson de Seabra · This is not the Technical profile I am looking for. Correct technical profile is <TechnicalProfile Id="login-NonInteractive">
@AmanpreetSingh-MSFT
The validation then, here goes:
<TechnicalProfile Id="login-NonInteractive">
<DisplayName>Local Account SignIn</DisplayName>
<Protocol Name="OpenIdConnect" />
<Metadata>
<Item Key="UserMessageIfClaimsPrincipalDoesNotExist">We can't seem to find your account</Item>
<Item Key="UserMessageIfInvalidPassword">Your password is incorrect</Item>
<Item Key="UserMessageIfOldPasswordUsed">Looks like you used an old password</Item>
<Item Key="ProviderName">https://sts.windows.net/</Item>
<Item Key="METADATA">https://login.microsoftonline.com/{tenant}/.well-known/openid-configuration</Item>
<Item Key="authorization_endpoint">https://login.microsoftonline.com/{tenant}/oauth2/token</Item>
<Item Key="response_types">id_token</Item>
<Item Key="response_mode">query</Item>
<Item Key="scope">email openid</Item>
<Item Key="grant_type">password</Item>
<!-- Policy Engine Clients -->
<Item Key="UsePolicyInRedirectUri">false</Item>
<Item Key="HttpBinding">POST</Item>
</Metadata>
<InputClaims>
<InputClaim ClaimTypeReferenceId="signInName" PartnerClaimType="username" Required="true" />
<InputClaim ClaimTypeReferenceId="password" Required="true" />
<InputClaim ClaimTypeReferenceId="grant_type" DefaultValue="password" />
<InputClaim ClaimTypeReferenceId="scope" DefaultValue="openid" />
<InputClaim ClaimTypeReferenceId="nca" PartnerClaimType="nca" DefaultValue="1" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="oid" />
<OutputClaim ClaimTypeReferenceId="tenantId" PartnerClaimType="tid" />
<OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_Name" />
<OutputClaim ClaimTypeReferenceId="surName" PartnerClaimType="family_Name" />
<OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="Name" />
<OutputClaim ClaimTypeReferenceId="userPrincipalName" PartnerClaimType="upn" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="localAccountAuthentication" />
<OutputClaim ClaimTypeReferenceId="extension_Role" />
<OutputClaim ClaimTypeReferenceId="extension_ClientId" />
<OutputClaim ClaimTypeReferenceId="extension_FactoryId" />
<OutputClaim ClaimTypeReferenceId="extension_DepartmentId" />
</OutputClaims>
</TechnicalProfile>