Reputation: 61
Azure Active Directory B2C new user invite to set their initial password
In short: how to set up Azure B2C to pre-create users and invite them to set their initial password (rather than reset it).
We have public facing website that an organisation can pay for and it gives them access to their own area. We add one or more user's email addresses to our database to grant them a login. Privileged users at the organisation can invite other users to grant them access to their organisation's area.
We wish to move our authentication, session and password management from a home grown solution to Azure AD B2C.
A new user currently receives a friendly invitation email with a hyperlink that contains a token that gives them permission to set their password.
We could create a custom policy to handle this but I really don't want to go down that route due to their complexity and shelf life.
The only way that I've found "out of the box" is to create the user in Azure AD (not problem with that), set a temporary password and email them an invite asking them to "reset" their password. The reset part is very unclean as they are not resetting their password, they are setting their initial password and this will be confusing.
Also note that we do not want the user to be able to change their email to something like a hotmail account, as the admin must be in charge of this to ensure they use their work email.
Upvotes: 3
Views: 1226
Answers (1)
Reputation: 5165
• In your scenario, I would suggest you configure an application registration in Azure AD B2C and configure user flows in it for resetting the password for every user logging in it. Also, while registering an application in Azure AD B2C, you can select the option for ‘Accounts in this organizational directory only (Default Directory only - Single tenant)’ and integrate it with your website in the frontend API such that the user flow to reset the password after verifying the email address comes up for every user.
For the above said configuration, kindly refer to the below documentation link for more details as it describes the configuration for registering users of a single tenant/organization: -
Also, refer to the below documentation link for resetting the initial temporary password using the user flow section as setting up a user flow is a very simple process as described below: -
Upvotes: 0
Related Questions
- Invite user once created in the AD B2C to sign on my app
- Azure AD B2C auth with username and e-mail
- Azure AD B2C - Password Reset on First SignIn scenario only possible via Custom Policy?
- Azure AD B2C Password
- Password Validation on Azure B2C SignUp
- Azure AD B2C Register users after validating an Invitation Token
- Azure B2C with pre-invited users
- Azure AD B2C invite as guest for administration
- Azure Ad b2c : Add new member user with invitation
- Azure AD B2C Invitation email