Douglas Woods
Douglas Woods

Reputation: 964

How to customize B2C Expired Password Message

I am using B2C Custom Flows. If a user tries to signon with an expired password (older than 90 days) a message "The password has expired" is displayed. How can I customize this message. I could not find this message in the list of localized string ids https://learn.microsoft.com/en-us/azure/active-directory-b2c/localization-string-ids.

Upvotes: 2

Views: 1031

Answers (2)

Chris Padgett
Chris Padgett

Reputation: 14724

A user object must be created with the passwordPolicies property set to DisablePasswordExpiration.

This is because the local-NonInteractive technical profile fails if the password for the user has expired.

Since you are creating custom flows, then you can implement your own password policy with your own localized messages, such as that in this Azure AD B2C: Force password reset after 90 days sample.

Upvotes: 1

Carl Zhao
Carl Zhao

Reputation: 9569

As far as I know, there is no password expiration policy for local accounts.Did you create a local account DisablePasswordExpiration without setting the passwordPolicies attribute to?

1.If the local account is created through the built-in password policy, this policy will set the passwordPolicies attribute to DisablePasswordExpiration.

2.If you create a local account through a custom policy or Azure AD Graph API, you must manually set the passwordPolicies attribute to DisablePasswordExpiration.

Upvotes: 0

Related Questions