This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 56.00000000000001%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
I'm following this example to implement self-service password reset:
https://github.com/azure-ad-b2c/samples/tree/master/policies/embedded-password-reset
I was able to get the password reset working (prompt for email, verify email, change password, redirect to jwt.ms)
When I try it again (without prompt=login), I was expecting to be redirected to the reply url (jwt.ms) since there should now be a session.
Instead, I'm immediately redirected to the "Verification is necessary" email dialog again.
I'm guessing it's because of the "isForgotPassword" claim?
How can I fix this?
Thanks
JL
Edit 1
No luck with the PasswordResetUsingEmailAddressExchange.
If I add make these changes, it seem to work.
But not sure if it's an ideal solution.
Can anyone review/comment on the solution?
<!-- extend email discovery (discover/verify email) to use session management -->
<TechnicalProfile Id="LocalAccountDiscoveryUsingEmailAddress">
<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>
<!--
not technically needed.
but in my custom policy, I also have MFA subjourney
so I'm using this to skip MFA subjourney
(can't use objectId, because a successful login would
already set that claim)
-->
<TechnicalProfile Id="SM-AAD">
<PersistedClaims>
<PersistedClaim ClaimTypeReferenceId="isForgotPassword" />
</PersistedClaims>
</TechnicalProfile>
</TechnicalProfiles>
<OrchestrationStep Order="3" Type="InvokeSubJourney">
<Preconditions>
<!-- add start: if objectId is found (from session), skip subjourney -->
<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
<Value>objectId</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
<!-- add end-->
<Precondition Type="ClaimsExist" ExecuteActionsIf="false">
<Value>isForgotPassword</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<JourneyList>
<Candidate SubJourneyReferenceId="PasswordReset" />
</JourneyList>
</OrchestrationStep>
Hi @JL , we are investigating your issue and will update you shortly.
Best,
James
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 90%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Hi, if the posted answer resolves your question, please mark it as the answer by clicking the check mark. Doing so helps others find answers to their questions.
hi, I'm still waiting for a reply to my last comment/question
https://learn.microsoft.com/answers/comments/486549/view.html
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 32%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
Thanks and could you please update the <Item Key="EnforceEmailVerification">false</Item> into the ForgotPassword technical profile (<TechnicalProfile Id="ForgotPassword">) of the policy file.
Please refer more about the EnforceEmailVerification metadata document here. (https://learn.microsoft.com/en-us/azure/active-directory-b2c/disable-email-verification?pivots=b2c-custom-policy)
Thanks for the reply, JitendraRai-2073.
Tried it, but don't think it made any difference.
Correct me if I'm wrong, but:
ForgotPassword technical profile just a claimstransformation? (to set the isForgotPassword claim)? PasswordResetUsingEmailAddressExchange)? 
Hi @JL2345 , it looks like there is an issue on our end with SSO cookies. We're looking into a resolution now. In the meanwhile please try what Jitendra suggested and let us know if that helps.
Best,
James
Thanks for the reply James.
I've edited my post and added some snippet/attempt at solving the issue.
(Tried to put that in this comment, but the Submit wasn't working)
Can you have a look at let me know if the solution is correct/on the right track/(bad practice, avoid)?
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 21%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERC%3C/text%3E%3C/svg%3E)
Any update on this?