Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

User Flow B2C Reset password Problem

Copper Contributor

In the B2C User flow reset password it can enter any random email or email that not event  register in azure AD b2c with match User name is there any way to make user flow check is the Email register in Azure AD before send Email to verify

 

Alice47_1-1659674853466.png

 

2 Replies
Hello Alice

The following ask cannot be achieved using default password reset user flow however can be done using custom policy as explained in the article below

https://github.com/azure-ad-b2c/samples/tree/master/policies/pwd-reset-email-exists

Sending a password reset to an unregistered email creates confusion.
It's counterproductive and could worsen the user experience.
They will believe they have an account when they actually don't...

This should be default behavior.
https://github.com/azure-ad-b2c/samples/issues/553