Forum Discussion
AD B2C - Custom Policies - RaiseErrorIfClaimsPrincipalDoesNotExist in Password Reset journey
Hi,
I'm using custom policies in our web app.
For the Reset Password, I'm using the standard PasswordReset user journey provided with the local account starter pack.
This journey refers to <UserJourney Id="PasswordReset"> in the TrustFrameworkBase policy.
At the moment, if a user is not registered in the web app, the password reset journey still sends an OTP to the email.
The email receives the OTP, even if not registered, and the user can insert the code.
Once the code is validated, clicking on the "Continue" button does nothing. The user is stuck on the page without any information.
Checking the console I found out that the SelfAsserted call returns the error "404 user not found".
I would like to stop the user before sending the OTP and inform him with an error message (that the account is not registered and to proceed with the registration).
I tried to add:
<Item Key="RaiseErrorIfClaimsPrincipalDoesNotExist">true</Item>
in the TechnicalProfile of the first OrchestrationStep, but it does nothing.
Any suggestions on how to stop a non-existing user from proceeding to the Reset Password journey?
Thank you very very much if you can help me.
Please consider the below:
- Add a Validation Technical Profile: Create a validation technical profile that checks if the user exists in your directory.
- Modify the Orchestration Step: Update the orchestration step to include this validation technical profile before sending the OTP.
steReply (Copper Contributor)
The first OrchestrationStep of the PasswordReset UserJourney calls a TechnicalProfile that has the RaiseErrorIfClaimsPrincipalDoesNotExist in it. Isn't that enough?
My PasswordReset policy:
The PasswordReset UserJourney:
The LocalAccountDiscoveryUsingEmailAddress TechnicalProfile with RaiseErrorIfClaimsPrincipalDoesNotExist set to true:
steReply (Copper Contributor)
Please, can someone help me understand?