❔ Azure AD B2C Sign-In and Password Reset URL Parameters
Hey there, hope you all have an awesome day ahead.
I got this azure ad b2c custom sign-in policy called "signin_policy." It uses a custom web html where you can do cool things with JavaScript. On this page, there are some buttons at the footer section. These buttons basically just take you to different web pages. For example, there's a "Help" button, and when you click it, you end up on "http://portal.platform.com/help."
Now, here's the interesting part: I also use a self-service password reset for when you forget your password. It's basically a part of the same sign-in policy, so it shares the same web html as the sign-in. But here's the twist – when you're on the "forgot password" page and click the "Help" button, it takes you to a different place, "http://tenantname.b2clogin.com/help."
To sum it up, you've got two URLs to remember:
1) Sign-in URL: "https://tenantname.b2clogin.com/tenantName.onmicrosoft.com/signin_policy/oauth2/v2.0/authorize&redirect_uri=https%3A%2F%2Fportal.platform.com%2F"
2) Forgot password URL: "https://tenantname.b2clogin.com/tenantName.onmicrosoft.com/signin_policy/api/CombinedSigninAndSignup/unified?claimsexchange=ForgotPasswordExchange&csrf_token=dEdqcjVQRmoyWkZ==&tx=StateProperties=eyJUSUQiOiIxODEwM2E4My0zNjIifQ&p=signin_policy"
So, I noticed something about those two URLs. The main difference is a special thing called a "parameter." The Sign-in URL has one called "redirect_uri," which helps the "Help" button find the right page to go to. But guess what? That parameter isn't on the Forgot Password URL.
Now, I'm thinking, how do I deal with this? Can I add that missing parameter to the self-service password reset in Azure AD B2C? If I can, how do I do it?
I got this azure ad b2c custom sign-in policy called "signin_policy." It uses a custom web html where you can do cool things with JavaScript. On this page, there are some buttons at the footer section. These buttons basically just take you to different web pages. For example, there's a "Help" button, and when you click it, you end up on "http://portal.platform.com/help."
Now, here's the interesting part: I also use a self-service password reset for when you forget your password. It's basically a part of the same sign-in policy, so it shares the same web html as the sign-in. But here's the twist – when you're on the "forgot password" page and click the "Help" button, it takes you to a different place, "http://tenantname.b2clogin.com/help."
To sum it up, you've got two URLs to remember:
1) Sign-in URL: "https://tenantname.b2clogin.com/tenantName.onmicrosoft.com/signin_policy/oauth2/v2.0/authorize&redirect_uri=https%3A%2F%2Fportal.platform.com%2F"
2) Forgot password URL: "https://tenantname.b2clogin.com/tenantName.onmicrosoft.com/signin_policy/api/CombinedSigninAndSignup/unified?claimsexchange=ForgotPasswordExchange&csrf_token=dEdqcjVQRmoyWkZ==&tx=StateProperties=eyJUSUQiOiIxODEwM2E4My0zNjIifQ&p=signin_policy"
So, I noticed something about those two URLs. The main difference is a special thing called a "parameter." The Sign-in URL has one called "redirect_uri," which helps the "Help" button find the right page to go to. But guess what? That parameter isn't on the Forgot Password URL.
Now, I'm thinking, how do I deal with this? Can I add that missing parameter to the self-service password reset in Azure AD B2C? If I can, how do I do it?
