Azure B2C force login after password reset sub journey

Rahil Momin 1

we're using password reset sub-journey as described here (https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-password-reset-policy?pivots=b2c-custom-policy#self-service-password-reset-recommended).

When using this, a user is automatically logged upon successful password reset flow. We want to stop that and redirect user to sign-in page after successful password reset.

How can we achieve this, here is what main journey looks like:

2 answers

Alfredo Revilla - Senior Freelance SWE, SWA, IAM 27,016 Reputation points

2022-05-31T18:31:43.93+00:00

Hello @Rahil Momin , in order to redirect user to sign-in page after successful password reset and orchestration step you have to insert a new orchestration step that calls the SelfAsserted-LocalAccountSignin-Email technical profile. Avoid any preconditions to make it run all the time.

Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it so that others in the community with similar questions can more easily find a solution.
Please sign in to rate this answer.
Shashank 1 Reputation point

2022-11-10T13:28:31.22+00:00

Hi @Alfredo Revilla - Senior Freelance SWE, SWA, IAM Can you elaborate a more on where exactly to add this technical profile ?

Rob 26 Reputation points

2022-11-14T15:44:14.277+00:00

Hi @Shashank , did you manage to fix this? I have the same problem.

Shashank 1 Reputation point

2022-11-22T09:56:51.573+00:00

No not yet. @Rob If you have anything let me know please

Rob 26 Reputation points

2022-11-22T16:34:06.36+00:00

I couldn't implement @Alfredo Revilla - Senior Freelance SWE, SWA, IAM suggestion, it didn't work for me.

I ended up doing a workaround, I added a new OrchestrationStep at the end of the subjourney where I show a custom "success page", in there I have a custom button that redirects the user to the sign in page

Alok Aswal 1 Reputation point

2022-12-05T09:05:14.97+00:00

Hello @Alfredo Revilla - Senior Freelance SWE, SWA, IAM

Do you have any demo policy xml describing how it will redirect to Sigh in after password reset is completed.
I tried but it show me only input for email and password, but it doesn't show me complete sign-in page .

What exact orchestration step should be written on password reset.

Alok Aswal 1 Reputation point

2022-12-05T14:34:20.75+00:00

Hi

How you added this new OrchestrationStep at the end of the subjourney where you show a custom "success page" I did this , but would like to know that ,
Which <ContentDefinition Id="api.selfasserted"> Id we have to use , is this same page name that is same in blob storage container ?
May I know how you achieve this, to call you custom html page after password reset ? Just wanted to know the content definition part , and passing email to that success page.

<ContentDefinitions>
<ContentDefinition Id="api.selfasserted">
<LoadUri>~/xagrouptest/templates/AzureBlue/selfAsserted.cshtml</LoadUri>
<RecoveryUri>~/common/default_page_error.html</RecoveryUri>
<DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7</DataUri>
<Metadata>
<Item Key="DisplayName">Collect information from user page</Item>
</Metadata>
</ContentDefinition>

</ContentDefinitions>

<TechnicalProfile Id="SelfAsserted-PasswordRestScuuscfully">
<DisplayName>Pending Verification</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
</Metadata>
<IncludeInSso>false</IncludeInSso>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>

and then Orchestrion step to call above Technical profile after password reset.

Sunil Boga 0 Reputation points

2023-01-31T11:45:01.4433333+00:00

Hi Alfredo,

Is it possible to make the user to login after resetting the password?
I am currently using the Recommended Sign up and sign in Userflow and the user is directly getting logged into the application after password reset.
Sign in to comment

Rob 26

Hi @Alok Aswal

For the ContentDefinition, I'm using my own custom HTML page, so I create my own ContentDefinition(api.passwordReset_Success) and it will be something like this:

<ContentDefinition Id="api.passwordReset_Success">  
    
 <LoadUri>https://mywownwebsite.net/templates/en/passwordresetSuccess.html</LoadUri>  
 <RecoveryUri>~/common/default_page_error.html</RecoveryUri>  
 <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7</DataUri>  
 <Metadata>  
   <Item Key="DisplayName">Password Changed</Item>  
 </Metadata>  
</ContentDefinition>

And my passwordresetSuccess.html will look like this:

<html>  
<head>  
  <style>  
    #newPassword_label,  
    #justResetPassword_label,  
    #cancel,  
    #continue {  
      display: none;  
    }  
  </style>  
</head>  
<body>  
  <div class="container">  
    <div class="content">  
      <h1 id="headline">  
        Success! Your password has been reset.  
      </h1>  
      <div class="buttons"><button id="signIn" onclick="goBack()">Sign in</button></div>  
      <div id="api" data-name="SelfAsserted" role="main"></div>  
    </div>  
  </div>  
  
  <script>  
    function goBack() {  
      history.back();  
    }  
  </script>  
</body>  
</html>