Sign-in and Sign-out flows are working correctly without an error. The password reset is working - the password is changed and the user flow test shows the claims being created correctly.
The issue I am facing is on the redirect. This ends with:
Message contains error: 'invalid_grant', error_description: 'AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1_si and Expected Value : B2C_1_reset
My configuration is pretty simple:
    "AzureAdB2C": {
        "Instance": "****",
        "ClientId": "***",
        "CallbackPath": "/signin-oidc",
        "Domain": "hmrdev.onmicrosoft.com",
        "SignUpSignInPolicyId": "b2c_1_si",
        "ResetPasswordPolicyId": "b2c_1_reset",
        "EditProfilePolicyId": "b2c_1_edit_profile",
        "ClientSecret": "****",
        "B2cExtensionAppClientId": "****"
    },
And my configuration in Startup:
    services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
        .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAdB2C"));
    services.AddAuthorization(options =>
    {
        options.FallbackPolicy = options.DefaultPolicy;
        options.AddPolicy("IsNewUser", policy => policy.RequireClaim("newUser"));
    });
I am able to test the user flow without issue. You can see the claim being returned here:
So, do I need to somehow redirect to a different endpoint?
Cheers - Jeff