cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
FlowHawk
Advocate II
Advocate II

Password Reset Redirects to "Sign In Failed" page

Hey all,

 

I've configured my Power Apps portal to use Azure B2C for external authentication. Everything works great except for this one piece. When a user resets their password they are redirected to .../Account/Login/ExternalAuthenticationFailed with this error:

 

FlowHawk_0-1620233281188.png

 

If they click "Sign in" and use their newly reset password, they authenticate correctly. What that means is that the password reset flow is resetting their password correctly, but just redirecting the user to an error page. How can I change this user experience?

 

Note: I set up the Azure AD B2C using the wizard at make.preview.powerapps.com so I haven't manually configured any settings.

1 ACCEPTED SOLUTION

Accepted Solutions
OliverRodrigues
Super User
Super User

Thanks for the snapshots.. try the follwoing changes:

 

App Registration > Authentication

  • add another Redirect URI, with just the Portal URL
  • enable ID Tokens for implicit grant

OliverRodrigues_0-1620760068856.png

SignUpSignIn > Properties

  • those look fine to me

SignUpSignIn > User Attributes / Application Claims

  • I normally also enable Surname/Given Name, but that's optional

Reset Password > Properties

  • Issuer claim doesn't seem right to me, can you select the other (non-TFP) option from the drop-down (but keep TFP selected in the toggles there):

OliverRodrigues_1-1620760518717.png

 

Reset Password > Application Claims

  • In my environment I only have selected Given Name/Surname, but I don't think this would make any difference

Portal Configuration > Valid Issuers

  • Here you need both Issuer URL for your Sign Up Sign In + Reset Pwd flows, the article above I shared explains how to retrieve those URLs

 

hope this helps




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Pages Super User | MVP


Oliver Rodrigues


 

View solution in original post

16 REPLIES 16
chleverenz
Power Participant
Power Participant

Hi FlowHawk,

not sure, but could it be that changing the password does not delete the authentcationcookie for the B2C Site and an outdated token is used for logging in? I think, an id token is passed to the portal and if the portal checks that one for validity and it fails, because its old/invalid.

Have you tried to clear all cookies for the b2c provider after a password change? This would force the user to log in again, which makes a kind of sense to me.

If this works, may be AzureB2C password change flow is to be configured either to clear the session or to update all issued id tokes (what would mean that there is an error, if it doesn't 🙂 )

So, just ideas and no clear hint.

Hope it helps a little bit,

  Christian

Have fun,
Christian
----------------------
Please do not forget to leave feedback if this post helped you. Already giving kudos is a great way of feedback when the post was helpful.
Comments on how the answer could be improved are welcome, too.

That's an interesting thought. I appreciate the point. I'm just not savvy enough to know what to do with the information haha. I did go into the B2C settings and tinker with the tokens, claims, logout urls, etc... and no dice. But I suspect what is conceptually occurring is exactly as you have said.

OliverRodrigues
Super User
Super User

Hi, this is an old and a bit more manual article, but still super valid for you to understand the site settings involved: https://readyxrm.blog/2019/07/24/configure-azure-ad-b2c-for-powerapps-portals/

can you please take a look to see if your site settings are correct?

also, are you using custom policies on Azure AD B2C? or standard user flows?




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Pages Super User | MVP


Oliver Rodrigues


 

Thanks @OliverRodrigues. I reviewed the article and checked each property in the B2C user flows and in the portal -- they all matched. I couldn't see anything different. I'm curious, do this issue sound like a B2C problem? Or a portal problem?

I'm using standard user flows from Azure B2C. They were set up using the make.preview.powerapps.com B2C wizard.

For further information, I created a developer tenant, created a new azure subscription, created a new resource, created a new Power Apps portal, went to make.preview.powerapps.com, configured Azure B2C as an authentication provider (creating new signupsignin and password reset user flows during the wizard), set Azure B2C as the default identity provider, sync the changes, opened my portal and created an account, then signed out and attempted to reset my password. I was forwarded to the same error page.

At this point I'm not convinced that this works for anyone else out of the box. Can someone confirm?

FlowHawk_0-1620409478903.png

 

OliverRodrigues
Super User
Super User

Sorry about the delay, I performed the same task as you are doing a few months ago and worked fine.

Unless something has changed, this should work.

 

Can you share a few snapshots of your Azure user flow (properties / application claims)?




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Pages Super User | MVP


Oliver Rodrigues


 

Here are some screenshots. This is all in the developer tenant where I didn't make any customizations:

 

FlowHawk_0-1620755470512.pngFlowHawk_1-1620755480825.pngFlowHawk_2-1620755492414.png

FlowHawk_3-1620755510795.pngFlowHawk_4-1620755517422.pngFlowHawk_5-1620755526507.png

FlowHawk_6-1620755542450.png

FlowHawk_7-1620755552490.png

 

 

OliverRodrigues
Super User
Super User

Thanks for the snapshots.. try the follwoing changes:

 

App Registration > Authentication

  • add another Redirect URI, with just the Portal URL
  • enable ID Tokens for implicit grant

OliverRodrigues_0-1620760068856.png

SignUpSignIn > Properties

  • those look fine to me

SignUpSignIn > User Attributes / Application Claims

  • I normally also enable Surname/Given Name, but that's optional

Reset Password > Properties

  • Issuer claim doesn't seem right to me, can you select the other (non-TFP) option from the drop-down (but keep TFP selected in the toggles there):

OliverRodrigues_1-1620760518717.png

 

Reset Password > Application Claims

  • In my environment I only have selected Given Name/Surname, but I don't think this would make any difference

Portal Configuration > Valid Issuers

  • Here you need both Issuer URL for your Sign Up Sign In + Reset Pwd flows, the article above I shared explains how to retrieve those URLs

 

hope this helps




If you like this post, give a Thumbs up. Where it solved your request, Mark it as a Solution to enable other users find it.

Power Pages Super User | MVP


Oliver Rodrigues


 

Thank you Oliver!! I applied all the changes except the claims ones and it worked!!

I don't know if anyone from the product team is here in the forum, but it would be helpful feedback I think that the wizard in the make.preview.powerapps.com sets up the issuer incorrectly for password reset flows.

 

Thanks again Oliver, you rock!

Helpful resources

Announcements

Tuesday Tips: Getting Started in the Community

TUESDAY TIPS is back!   This weekly series of posts is our way of sharing helpful things we've learned or shared that have helped members of the Community. Whether you're just getting started or you're a seasoned pro, Tuesday Tips will help you know where to go, what to look for, and navigate your way through the ever-growing--and ever-changing--world of the Power Platform Community! The original run of Tuesday Tips was a highlight of last year, and these all-new Tips will hopefully prove to be just as informative as helpful. We will cover some basics about the Community, a few "insider tips" to make your experience even better, and sharing best practices gleaned from our most active community members and Super Users. Make sure to watch the News & Announcements each week for the latest and greatest Tuesday Tips!   THIS WEEK: I'm Brand New! What Do I Do? The number of new community members we have each week is pretty amazing, and we are so glad to welcome all of you to the Community! You may be wondering. "What do I do? Where do I get started? Will anyone be willing to help me? What I have a question? Help!"   Let's start with this: Welcome to the low-code revolution, and more importantly, welcome to the Power Platform Community! This is a great place to start. Whether you're busy with Power Apps, getting familiar with Power Automate, engaging Copilot Studio, or building in Power Pages, there are a few key places you should check out as you begin your journey: FORUMS: The forums are THE place to ask questions, look at questions asked by other Community members—and see answers and solutions from our Super Users and other helpful people in the Community. Power Apps ForumsPower Automate ForumsCopilot Studio ForumsPower Pages Forums   NEWS & ANNOUNCEMENTS: Our News & Announcements section highlights the newest and greatest updates in the Community, news from the product team, and so much more. It’s updated a few times each week and will also help you find ways to connect with what’s going on in the ever-growing world of Power Platform. Power Apps News & AnnouncementsPower Automate News & AnnouncementsCopilot Studio News & AnnouncementsPower Pages News & Announcements   GALLERIES: The Galleries section of the Community features tons of tips and tricks, features and benefits, and more—through videos created by our Super Users, product teams, and other helpful members of the Community. Power Apps GalleriesPower Automate Galleries Copilot Studio GalleriesPower Pages Galleries BLOGS: The community blogs section is full of handy step-by-step tips from members of the Community—and some of them include detailed answers to some of the questions most frequently asked questions, as well as how they solved a problem they faced. Power Apps Community BlogPower Automate Community BlogCopilot Studio Community BlogPower Pages Community Blog POWER UP PROGRAM: If you’d like to really take a huge step forward in your journey, we recommend checking out the Power Up Program, a Microsoft-sponsored initiative that trains new Power Platform users and has been a huge success since it launched a little over a year ago. There’s a waiting list, so definitely apply soon if you’re interested! Find out more here: Microsoft Power Up Program for career switchers.   There's so much more you'll discover in your Power Platform experience, and this Community is here for YOU! We are glad you've discovered us and can't wait to see where you grow! If you're new to the Community and just getting started, make sure to give this post a kudo and introduce yourself so we can welcome you!

Super User of the Month | Drew Poggemann

As part of a new monthly feature in the Community, we are excited to share that Drew Poggemann is our featured Super User for the month of February 2024. If you've been in the Community for a while, we're sure Drew's name is familiar to you, as he is one of our most active contributors--he's been a Super User for five consecutive seasons!   Since authoring his first reply 5 years ago to his 514th solution authored, Drew has helped countless Community members with his insights and expertise. In addition to being a Super User, Drew is also a User Group leader and a Microsoft MVP. His contributions to our Super User sessions and to the new SUIT program are always welcome--as well as his sense of humor and fun-loving way of sharing what he knows with others.   When Drew is not solving problems and authoring solutions, he's busy overseeing the Solution Architecture team at HBS, specializing in application architecture and business solution strategy--something he's been doing for over 30 years. We are grateful for Drew and the amazing way he has used his talent and skills to help so many others in the Community. If you are part of the SUIT program, you got to hear some great tips from Drew at the first SUIT session--and we know he still has much more to share!You can find him in the Community and on LinkedIn. Thank you for all you do, Drew!

Announcing Power Apps Copilot Cookbook Gallery

We are excited to share that the all-new Copilot Cookbook Gallery for Power Apps is now available in the Power Apps Community, full of tips and tricks on how to best use Microsoft Copilot as you develop and create in Power Apps. The new Copilot Cookbook is your go-to resource when you need inspiration--or when you're stuck--and aren't sure how to best partner with Copilot while creating apps.   Whether you're looking for the best prompts or just want to know about responsible AI use, visit Copilot Cookbook for regular updates you can rely on--while also serving up some of your greatest tips and tricks for the Community. Our team will be reviewing posts using the new "Copilot Studio" label to ensure we highlight and amplify the most relevant and recent content, so you're assured of high-quality content every time you visit. If you share a post that gets featured in the curated gallery, you'll get a PM in the Community to let you know!The curated gallery is ready for you to experience now, so visit the new Copilot Cookbook for Power Apps today: Copilot Cookbook - Power Platform Community. We can't wait to see what you "cook" up!    

Celebrating a New Season of Super Users with Charles Lamanna, CVP Microsoft Business Applications

February 8 was the kickoff to the 2024 Season One Super User program for Power Platform Communities, and we are thrilled to welcome back so many returning Super Users--as well as so many brand new Super Users who started their journey last fall. Our Community Super Users are the true heroes, answering questions, providing solutions, filtering spam, and so much more. The impact they make on the Communities each day is significant, and we wanted to do something special to welcome them at our first kickoff meeting of the year.   Charles Lamanna, Microsoft CVP of Business Applications, has stressed frequently how valuable our Community is to the growth and potential of Power Platform, and we are honored to share this message from him to our 2024 Season One Super Users--as well as anyone who might be interested in joining this elite group of Community members.     If you want to know more about Super Users, check out these posts for more information today:    Power Apps: What is A Super User? - Power Platform CommunityPower Automate: What is A Super User? - Power Platform Community Copilot Studio: What is A Super User? - Power Platform Community Power Pages: What is A Super User? - Power Platform Community

February 2024 User Group Update: Welcoming New Groups and Highlighting Upcoming Events

It's a new month and a brand-new year, which means another opportunity to celebrate our amazing User Groups!Each month, we highlight the new User Groups that have joined the community. It's been a busy season for new groups, because we are thrilled to welcome 15 New User Groups! Take a look at the list below, shared by the different community categories. If your group is listed here, give this post a kudo so we can celebrate with you!   We love our User Groups and the difference they make in the lives of our Community! Thank you to all the new User Groups, new User Group leaders--we look forward to hearing about your successes and the impact you will leave!   In addition to our monthly User Group spotlight, it's a great time to share some of the latest events happening in our User Group community! Take a look at the list below to find one that fits your schedule and need! There's a great combination of in-person and virtual events to choose from. Also, don't forget to review the many events happening near you or virtually! It's a great time of year to connect and engage with User Groups both locally and online. Please Welcome Our NEW User Groups   Power Platform: Heathcare Power Platform User Group Power Platform Connect Hub Power Platform Usergroup Denmark Mexico Norte- Power Platform User Group Pune Power User Group Sudbury Power Platform User GroupMicrosoft User Group GhanaMPPBLR - Microsoft Power Platform Bengaluru User Group Power Apps:   Myrtle Beach Power Platform User GroupAnanseTechWB PowerApps Copilot Studio: Pathfinders Power Platform Community Dynamics365: Cairo, Egypt MSD 365 Business Central/NAV/F&O User GruopMS Dynamics 365 Business Central LatamCincinnati OH D365 F&O User Group February User Group Events February 2024 Cleveland Power Platform User GroupPortallunsj - Februar 2024Indiana D365/AX February User Group MeetingQ1 2024 KC Power Platform and Dynamics 365 CRM Users Group 

Super Users 2024 Season One is Here!

   We are excited to announce the first season of our 2024 Super Users is here! Our kickoff to the new year welcomes many returning Super Users and several new faces, and it's always exciting to see the impact these incredible individuals will have on the Community in 2024! We are so grateful for the daily difference they make in the Community already and know they will keep staying engaged and excited for all that will happen this year.   How to Spot a Super User in the Community:Have you ever written a post or asked for help in the Community and had it answered by a user with the Super User icon next to their name? It means you have found the actual, real-life superheroes of the Power Platform Community! Super Users are our heroes because of the way they consistently make a difference in the Community. Our amazing Super Users help keep the Community a safe place by flagging spam and letting the Community Managers know about issues. They also make the Community a great place to find answers, because they are often the first to offer solutions and get clarity on questions. Finally, Super Users share valuable insights on ways to keep the Community growing, engaging, and looking ahead!We are honored to reveal the new badges for this season of Super Users! Congratulations to all the new and returning Super Users!     To better answer the question "What is a Super User?" please check out this article: Power Apps: What is A Super User? - Power Platform CommunityPower Automate: What is A Super User? - Power Platform Community Copilot Studio: What is A Super User? - Power Platform Community Power Pages: What is A Super User? - Power Platform Community

Users online (2,608)