This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 62%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
I have followed all the steps here (https://learn.microsoft.com/en-us/azure/active-directory-b2c/custom-policy-get-started) in order to create a custom policy. I am able to create an account, but when I attempt to log in I receive the "Invalid username or password" message. I am able to use that account to log in using the built-in user flows but not the custom policies. Unfortunately, the documentation does not show full examples, but after re-reading this about 1000 times I think I am doing this correctly. If anyone has any suggestions on how to debug the issue or what I might be doing incorrectly, please let me know.
Ok, I just uploaded the important ones. I don't think profile edit or password reset come into play for the sign in flow.
@alfredo-msft-identiy any update on this?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @SteveDEgenhardt-8910,
Were you mainly hoping for troubleshooting guidance? This guide has some steps showing the best way to validate the policies. https://learn.microsoft.com/en-us/azure/active-directory-b2c/troubleshoot-custom-policies?tabs=app-reg-ga
Is your client type set to private by chance? If you set the client type to public that can resolve this error. Also, please make sure the access and ID tokens are enabled.
If you would like to have a support case opened for this, you can feel free to email me at AzCommunity@microsoft.com and I can enable one for you.
Any assistance that can be provided would be appreciated. I thought the request to send the policies and provide more info was an acknowledgement that our issue was being worked on. We have been stuck on the most basic issue for more than a month. At this point, we don't have much time to implement and we will use Okta to implement our solution but in parallel try to work out our B2C issues and we hope that is our long term solution.
Also, I did send an email to the address provided above.
Hi @SteveDegenhardt-8910. Yes, I left a comment: https://learn.microsoft.com/answers/comments/54768/view.html
@MarileeTurscak is there a case number or some info I should be getting back (in re to you opening a case for this)?
In your IdentityExperienceFramework app manifest:
Change:
"accessTokenAcceptedVersion": 2,
To (default value):
"accessTokenAcceptedVersion": null,
Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.
@alfredo-revilla-msft This resolved the issue. I have no idea how this would have been set (I did not edit the manifest directly), so probably something I changed in the UI and when I changed it back it failed to update. But this worked. Thank you for your assistance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 5%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETJ%3C/text%3E%3C/svg%3E)
I am experiencing the same issue, but I cannot set accessTokenAcceptedVersion to null. If I try, I get the error:
"Failed to update IdentityExperienceFramework application. Error detail: Property accessTokenAcceptedVersion is invalid. [Qlq/E]"
Is there another workaround?
Ensure the following value is set:
"signInAudience": "AzureADandPersonalMicrosoftAccount"
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 5%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Same here!
Failed to update IdentityExperienceFramework application. Error detail: Property accessTokenAcceptedVersion is invalid. [hd++9]
its already there.
@Peter @Travis Johnson try recreating both IEF applications. IF that does not solve the issue please create a new post to better address the problem.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 54%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBB%3C/text%3E%3C/svg%3E)
App manifest doc says 'If signInAudience is AzureADandPersonalMicrosoftAccount, the value [of accessTokenAcceptedVersion] must be 2.' (accessTokenAcceptedVersion attribute)
Im using same tenant local accounts only and was able to run custom policies by setting:
"signInAudience": "AzureADMyOrg" (signInAudience attribute) and
accessTokenAcceptedVersion": null
Our team actually abandoned AD B2C in favor of AWS Cognito because of this issue and this other one that threw out our plans for federation https://learn.microsoft.com/en-us/answers/questions/2222/azure-b2c-oidc-the-key-type-ec-from-the-json-web-k.html
It helped, thank you so much!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 72%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I spent 2 days on this issue, and if finally came down to a mix up of the ProxyIdentityExperienceFrameworkAppId and the IdentityExperienceFrameworkAppId.
Just a point to keep in note, when you are creating the two IDs you create the IdentityExperienceFrameworkAppId first. I was entering that (without paying much attention) when updating TrustFrameworkExtensions.xml
Keep mind that the first ID in the xml file is the ProxyIdentityExperienceFrameworkAppId!!! ..,, darn!! Its miss that you can not find easily since the error you get is "user name password is not correct".
--Andrew
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 37%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
@Alfredo Revilla - Senior Freelance SWE, SWA, IAM Similar issue as mentioned by others 1. Created custom policy 2. Able to run policy "B2C_1A_signup_signin" and create user 3. Post signup token created successfully and redirected to jwt.ms and able to see the created username in the token. 4. When i try to signin with the same created user it shows error message "The username or password provided in the request are invalid." 5. I could able to login with the newly created user through "Userflows"
Read the document several times, deleted and recreated the two app(proxy and identityexp framework) registers mentioned in the documentation no success.
Any help would be appreciated.63218-b2c-insights-query-data.txt
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 53%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
@Alfredo Revilla - Senior Freelance SWE, SWA, IAM ....any luck on this issue....i have followed every step of documentation but still not able to sign in using Custom Policy....it works for sign up but not for sign in
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 21%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
@Alfredo Revilla - Senior Freelance SWE, SWA, IAM same issue here with code flow. Any updates?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 65%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETN%3C/text%3E%3C/svg%3E)
Same issue. I was testing B2C_1A_SIGNUP_SIGNIN and I could create user but could not login.
Then I read the document again and found out that "allowPublicClient": null, so I updated it as the document then I worked.
Hope that helps!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 77%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Was already set up
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 46%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHL%3C/text%3E%3C/svg%3E)
This worked for me, thank you !