As an aside, I wish that every move I make on Azure B2C did not require a trip to stackoverflow. Thank God it's here. Anyway....
I have intentionally used a very similar title as another post as it has been answered but I do not understand it.
I wish to offer a reset policy to my users so have followed walk-through in the post:
Enable self-service password
I am using Signup/SignIn policy, so I get an error. I go back to this StackOverflow post and I identify why in this post:
Password reset doesn't work
It is because of the "Sign-up/sign-in Policy: This requires the application to do some extra work."
Fair enough... but where exactly do I put this redirect code kindly explained in the post???
In the code example from the answer in Azure AD B2C self service password reset link doesn't work, you need to put the check for error code "AADB2C90118"
in your AuthenticationFailed
handler - which is typically in Startup.Auth.cs
:
In the example, the handler will redirect the user to "/Account/ResetPassword"
which indicates the ResetPassword
method in the AccountController
which, in turn, presents an auth challenge to redirect the user to your password reset B2C policy. (You could move this code to which ever controller you like as long as you update the redirect in AuthenticationHandler
appropriately.)
Form this link , you can reset password and the RedirectUri
maybe not need manual input.
public void ResetPassword()
{
if (!Request.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties() { RedirectUri = "/" }, Startup.PasswordResetPolicyId);
}
}