Azure ad B2C password reset link redirects with signup/signin policy endpoint by default
I'm using azure ad B2C and after setting up my policies I saw that the
"did you forget your password link" on the sign-up or sign-in page when clicked redirects to the url of the of the same sign-in or sign-up endpoint which in my auth.guard has a reply url of which checks authorization and if true redirects the user to the home page and if false redirects
I thought that the reset password link should by default be connected to my created reset password policy but that doesn't seem to be the case.
I'm using angular-oidc-auth-client API for setup and connection and this is my configuration in app.modules.ts
export class AppModule {
constructor(public oidcSecurityService: OidcSecurityService, private oidcConfigService: OidcConfigService) {
this.oidcConfigService.onConfigurationLoaded.subscribe(() => {
console.log('OpenID Configuration loaded');
console.log(oidcConfigService.clientConfiguration);
const openIDImplicitFlowConfiguration = new OpenIDImplicitFlowConfiguration();
openIDImplicitFlowConfiguration.stsServer = 'https://xxxxxx.b2clogin.com/xxxxxx.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_b2c_signup_signin'
openIDImplicitFlowConfiguration.redirect_url = 'http://localhost:29895/login-redirect';
openIDImplicitFlowConfiguration.client_id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxx';
openIDImplicitFlowConfiguration.response_type = 'id_token';
openIDImplicitFlowConfiguration.scope = 'openid';
openIDImplicitFlowConfiguration.post_login_route = '/login-redirect';
openIDImplicitFlowConfiguration.post_logout_redirect_uri ='http://localhost:29895/content/dashboard';
openIDImplicitFlowConfiguration.forbidden_route = '/Forbidden';
openIDImplicitFlowConfiguration.log_console_warning_active = true;
openIDImplicitFlowConfiguration.log_console_debug_active = true;
openIDImplicitFlowConfiguration.max_id_token_iat_offset_allowed_in_seconds = 50;
const authWellKnownEndpoints = new AuthWellKnownEndpoints();
authWellKnownEndpoints.setWellKnownEndpoints(this.oidcConfigService.wellKnownEndpoints);
this.oidcSecurityService.setupModule(openIDImplicitFlowConfiguration, authWellKnownEndpoints);
});
}
}
How do you get the "did you forget your password" link to get the flow of my reset password policy? Is there anything outside of the azure portal or in my app.modules that need to be configured?
angular openid-connect azure-ad-b2c
asked Jan 18 at 15:49
därkodärko
56
add a comment |
I'm using azure ad B2C and after setting up my policies I saw that the
"did you forget your password link" on the sign-up or sign-in page when clicked redirects to the url of the of the same sign-in or sign-up endpoint which in my auth.guard has a reply url of which checks authorization and if true redirects the user to the home page and if false redirects
I thought that the reset password link should by default be connected to my created reset password policy but that doesn't seem to be the case.
I'm using angular-oidc-auth-client API for setup and connection and this is my configuration in app.modules.ts
export class AppModule {
constructor(public oidcSecurityService: OidcSecurityService, private oidcConfigService: OidcConfigService) {
this.oidcConfigService.onConfigurationLoaded.subscribe(() => {
console.log('OpenID Configuration loaded');
console.log(oidcConfigService.clientConfiguration);
const openIDImplicitFlowConfiguration = new OpenIDImplicitFlowConfiguration();
openIDImplicitFlowConfiguration.stsServer = 'https://xxxxxx.b2clogin.com/xxxxxx.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_b2c_signup_signin'
openIDImplicitFlowConfiguration.redirect_url = 'http://localhost:29895/login-redirect';
openIDImplicitFlowConfiguration.client_id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxx';
openIDImplicitFlowConfiguration.response_type = 'id_token';
openIDImplicitFlowConfiguration.scope = 'openid';
openIDImplicitFlowConfiguration.post_login_route = '/login-redirect';
openIDImplicitFlowConfiguration.post_logout_redirect_uri ='http://localhost:29895/content/dashboard';
openIDImplicitFlowConfiguration.forbidden_route = '/Forbidden';
openIDImplicitFlowConfiguration.log_console_warning_active = true;
openIDImplicitFlowConfiguration.log_console_debug_active = true;
openIDImplicitFlowConfiguration.max_id_token_iat_offset_allowed_in_seconds = 50;
const authWellKnownEndpoints = new AuthWellKnownEndpoints();
authWellKnownEndpoints.setWellKnownEndpoints(this.oidcConfigService.wellKnownEndpoints);
this.oidcSecurityService.setupModule(openIDImplicitFlowConfiguration, authWellKnownEndpoints);
});
}
}
How do you get the "did you forget your password" link to get the flow of my reset password policy? Is there anything outside of the azure portal or in my app.modules that need to be configured?
angular openid-connect azure-ad-b2c
asked Jan 18 at 15:49
därkodärko
56
add a comment |
I'm using azure ad B2C and after setting up my policies I saw that the
"did you forget your password link" on the sign-up or sign-in page when clicked redirects to the url of the of the same sign-in or sign-up endpoint which in my auth.guard has a reply url of which checks authorization and if true redirects the user to the home page and if false redirects
I thought that the reset password link should by default be connected to my created reset password policy but that doesn't seem to be the case.
I'm using angular-oidc-auth-client API for setup and connection and this is my configuration in app.modules.ts
export class AppModule {
constructor(public oidcSecurityService: OidcSecurityService, private oidcConfigService: OidcConfigService) {
this.oidcConfigService.onConfigurationLoaded.subscribe(() => {
console.log('OpenID Configuration loaded');
console.log(oidcConfigService.clientConfiguration);
const openIDImplicitFlowConfiguration = new OpenIDImplicitFlowConfiguration();
openIDImplicitFlowConfiguration.stsServer = 'https://xxxxxx.b2clogin.com/xxxxxx.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_b2c_signup_signin'
openIDImplicitFlowConfiguration.redirect_url = 'http://localhost:29895/login-redirect';
openIDImplicitFlowConfiguration.client_id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxx';
openIDImplicitFlowConfiguration.response_type = 'id_token';
openIDImplicitFlowConfiguration.scope = 'openid';
openIDImplicitFlowConfiguration.post_login_route = '/login-redirect';
openIDImplicitFlowConfiguration.post_logout_redirect_uri ='http://localhost:29895/content/dashboard';
openIDImplicitFlowConfiguration.forbidden_route = '/Forbidden';
openIDImplicitFlowConfiguration.log_console_warning_active = true;
openIDImplicitFlowConfiguration.log_console_debug_active = true;
openIDImplicitFlowConfiguration.max_id_token_iat_offset_allowed_in_seconds = 50;
const authWellKnownEndpoints = new AuthWellKnownEndpoints();
authWellKnownEndpoints.setWellKnownEndpoints(this.oidcConfigService.wellKnownEndpoints);
this.oidcSecurityService.setupModule(openIDImplicitFlowConfiguration, authWellKnownEndpoints);
});
}
}
How do you get the "did you forget your password" link to get the flow of my reset password policy? Is there anything outside of the azure portal or in my app.modules that need to be configured?
angular openid-connect azure-ad-b2c
asked Jan 18 at 15:49
därkodärko
56
I'm using azure ad B2C and after setting up my policies I saw that the
"did you forget your password link" on the sign-up or sign-in page when clicked redirects to the url of the of the same sign-in or sign-up endpoint which in my auth.guard has a reply url of which checks authorization and if true redirects the user to the home page and if false redirects
I thought that the reset password link should by default be connected to my created reset password policy but that doesn't seem to be the case.
I'm using angular-oidc-auth-client API for setup and connection and this is my configuration in app.modules.ts
export class AppModule {
constructor(public oidcSecurityService: OidcSecurityService, private oidcConfigService: OidcConfigService) {
this.oidcConfigService.onConfigurationLoaded.subscribe(() => {
console.log('OpenID Configuration loaded');
console.log(oidcConfigService.clientConfiguration);
const openIDImplicitFlowConfiguration = new OpenIDImplicitFlowConfiguration();
openIDImplicitFlowConfiguration.stsServer = 'https://xxxxxx.b2clogin.com/xxxxxx.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_b2c_signup_signin'
openIDImplicitFlowConfiguration.redirect_url = 'http://localhost:29895/login-redirect';
openIDImplicitFlowConfiguration.client_id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxx';
openIDImplicitFlowConfiguration.response_type = 'id_token';
openIDImplicitFlowConfiguration.scope = 'openid';
openIDImplicitFlowConfiguration.post_login_route = '/login-redirect';
openIDImplicitFlowConfiguration.post_logout_redirect_uri ='http://localhost:29895/content/dashboard';
openIDImplicitFlowConfiguration.forbidden_route = '/Forbidden';
openIDImplicitFlowConfiguration.log_console_warning_active = true;
openIDImplicitFlowConfiguration.log_console_debug_active = true;
openIDImplicitFlowConfiguration.max_id_token_iat_offset_allowed_in_seconds = 50;
const authWellKnownEndpoints = new AuthWellKnownEndpoints();
authWellKnownEndpoints.setWellKnownEndpoints(this.oidcConfigService.wellKnownEndpoints);
this.oidcSecurityService.setupModule(openIDImplicitFlowConfiguration, authWellKnownEndpoints);
});
}
}
How do you get the "did you forget your password" link to get the flow of my reset password policy? Is there anything outside of the azure portal or in my app.modules that need to be configured?
angular openid-connect azure-ad-b2c
angular openid-connect azure-ad-b2c
asked Jan 18 at 15:49
därkodärko
56
asked Jan 18 at 15:49
därkodärko
56
asked Jan 18 at 15:49
därkodärko
56
asked Jan 18 at 15:49
därkodärko
56
asked Jan 18 at 15:49
därkodärko
56
56
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
I thought that the reset password link should by default be connected
to my created reset password policy but that doesn't seem to be the
case.
The request flow doesn't work like this in AADB2C. In case when user clicks on reset password link, AADB2C redirects to the relying party service (main service) with a specific error code (AADB2C90118). The Relying Party Service should then invoke the reset password policy flow.
The code sample link to catch the error and then redirect to reset password handler
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
Thank you for your answer this was exactly what i was looking for!
– därko
2 days ago
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54257297%2fazure-ad-b2c-password-reset-link-redirects-with-signup-signin-policy-endpoint-by%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I thought that the reset password link should by default be connected
to my created reset password policy but that doesn't seem to be the
case.
The request flow doesn't work like this in AADB2C. In case when user clicks on reset password link, AADB2C redirects to the relying party service (main service) with a specific error code (AADB2C90118). The Relying Party Service should then invoke the reset password policy flow.
The code sample link to catch the error and then redirect to reset password handler
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
Thank you for your answer this was exactly what i was looking for!
– därko
2 days ago
add a comment |
I thought that the reset password link should by default be connected
to my created reset password policy but that doesn't seem to be the
case.
The request flow doesn't work like this in AADB2C. In case when user clicks on reset password link, AADB2C redirects to the relying party service (main service) with a specific error code (AADB2C90118). The Relying Party Service should then invoke the reset password policy flow.
The code sample link to catch the error and then redirect to reset password handler
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
Thank you for your answer this was exactly what i was looking for!
– därko
2 days ago
add a comment |
I thought that the reset password link should by default be connected
to my created reset password policy but that doesn't seem to be the
case.
The request flow doesn't work like this in AADB2C. In case when user clicks on reset password link, AADB2C redirects to the relying party service (main service) with a specific error code (AADB2C90118). The Relying Party Service should then invoke the reset password policy flow.
The code sample link to catch the error and then redirect to reset password handler
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
I thought that the reset password link should by default be connected
to my created reset password policy but that doesn't seem to be the
case.
The request flow doesn't work like this in AADB2C. In case when user clicks on reset password link, AADB2C redirects to the relying party service (main service) with a specific error code (AADB2C90118). The Relying Party Service should then invoke the reset password policy flow.
The code sample link to catch the error and then redirect to reset password handler
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
answered Jan 20 at 15:49
Abhishek AgrawalAbhishek Agrawal
445310
445310
Thank you for your answer this was exactly what i was looking for!
– därko
2 days ago
add a comment |
Thank you for your answer this was exactly what i was looking for!
– därko
2 days ago
Thank you for your answer this was exactly what i was looking for!
– därko
2 days ago
Thank you for your answer this was exactly what i was looking for!
– därko
2 days ago
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54257297%2fazure-ad-b2c-password-reset-link-redirects-with-signup-signin-policy-endpoint-by%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
