Reputation: 632
Azure B2C Password Change gives me invalid Username/Password
I'm trying to implement a Azure AD B2C Password Change policy for Azure B2C.
I've used this policy and updated the client_id, resource_id, IdTokenAudience values in the "login-NonInteractive" technical profile accordingly.
When I execute this policy now, then I can log in and change my password afterwards accordingly as expected.
But when I invoke the policy out of the application, where the user is loged in via a standard SignIn Userflow, the login page doesn't show up, I get directly refered to the password change page, and if I enter the old and new password there I get a "The username or password provided in the request are invalid." message.
What did I do wrong here?
Upvotes: 2
Views: 631
Answers (1)
Reputation: 11315
Claim names between user flow and custom policies are different, so here when it’s trying to verify the old password, the users identifier ends up being null. Use custom policies OR user flows, do not combine.
Upvotes: 3
Related Questions
- B2C custom policy Change Password "The username or password provided in the request are invalid"
- B2C custom policy login - "The username or password provided in the request are invalid"
- Azure AD B2C 'Invalid username or password' when using built-in policies
- B2C - "Invalid password" when it is valid
- Azure AD B2C password change custom policy, user needs to sign in every time
- Resetting the user password doesn’t work for Azure B2C
- Reset Password doesn't work with custom Policy
- AAD B2C: After "reset password" from Azure Portal the B2C users cannot change it while loging in by SignIn policy URL
- Error on forgot password on custom signin/signup policy
- Azure B2C Sample Custom Policy, When SignIng In Shows 'Your password is incorrect'