web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages / Password Reset Redirec...
Power Pages
Unanswered

Password Reset Redirects to "Sign In Failed" page

(0) ShareShare
ReportReport
Posted on by Bryant Boyer 106

Hey all,

 

I've configured my Power Apps portal to use Azure B2C for external authentication. Everything works great except for this one piece. When a user resets their password they are redirected to .../Account/Login/ExternalAuthenticationFailed with this error:

 

FlowHawk_0-1620233281188.png

 

If they click "Sign in" and use their newly reset password, they authenticate correctly. What that means is that the password reset flow is resetting their password correctly, but just redirecting the user to an error page. How can I change this user experience?

 

Note: I set up the Azure AD B2C using the wizard at make.preview.powerapps.com so I haven't manually configured any settings.

Categories:
Power Apps portals
I have the same question (0)
  • Christian Leverenz Profile Picture
    Christian Leverenz 1,214 on at

    Hi FlowHawk,

    not sure, but could it be that changing the password does not delete the authentcationcookie for the B2C Site and an outdated token is used for logging in? I think, an id token is passed to the portal and if the portal checks that one for validity and it fails, because its old/invalid.

    Have you tried to clear all cookies for the b2c provider after a password change? This would force the user to log in again, which makes a kind of sense to me.

    If this works, may be AzureB2C password change flow is to be configured either to clear the session or to update all issued id tokes (what would mean that there is an error, if it doesn't 🙂 )

    So, just ideas and no clear hint.

    Hope it helps a little bit,

      Christian

  • Bryant Boyer Profile Picture
    Bryant Boyer 106 on at

    That's an interesting thought. I appreciate the point. I'm just not savvy enough to know what to do with the information haha. I did go into the B2C settings and tinker with the tokens, claims, logout urls, etc... and no dice. But I suspect what is conceptually occurring is exactly as you have said.

  • oliver.rodrigues Profile Picture
    oliver.rodrigues 9,368 Most Valuable Professional on at

    Hi, this is an old and a bit more manual article, but still super valid for you to understand the site settings involved: https://readyxrm.blog/2019/07/24/configure-azure-ad-b2c-for-powerapps-portals/

    can you please take a look to see if your site settings are correct?

    also, are you using custom policies on Azure AD B2C? or standard user flows?

  • Bryant Boyer Profile Picture
    Bryant Boyer 106 on at

    Thanks @OliverRodrigues. I reviewed the article and checked each property in the B2C user flows and in the portal -- they all matched. I couldn't see anything different. I'm curious, do this issue sound like a B2C problem? Or a portal problem?

    I'm using standard user flows from Azure B2C. They were set up using the make.preview.powerapps.com B2C wizard.

  • Bryant Boyer Profile Picture
    Bryant Boyer 106 on at

    For further information, I created a developer tenant, created a new azure subscription, created a new resource, created a new Power Apps portal, went to make.preview.powerapps.com, configured Azure B2C as an authentication provider (creating new signupsignin and password reset user flows during the wizard), set Azure B2C as the default identity provider, sync the changes, opened my portal and created an account, then signed out and attempted to reset my password. I was forwarded to the same error page.

    At this point I'm not convinced that this works for anyone else out of the box. Can someone confirm?

    FlowHawk_0-1620409478903.png

     

  • oliver.rodrigues Profile Picture
    oliver.rodrigues 9,368 Most Valuable Professional on at

    Sorry about the delay, I performed the same task as you are doing a few months ago and worked fine.

    Unless something has changed, this should work.

     

    Can you share a few snapshots of your Azure user flow (properties / application claims)?

  • Bryant Boyer Profile Picture
    Bryant Boyer 106 on at

    Here are some screenshots. This is all in the developer tenant where I didn't make any customizations:

     

    FlowHawk_0-1620755470512.pngFlowHawk_1-1620755480825.pngFlowHawk_2-1620755492414.png

    FlowHawk_3-1620755510795.pngFlowHawk_4-1620755517422.pngFlowHawk_5-1620755526507.png

    FlowHawk_6-1620755542450.png

    FlowHawk_7-1620755552490.png

     

     

  • Verified answer
    oliver.rodrigues Profile Picture
    oliver.rodrigues 9,368 Most Valuable Professional on at

    Thanks for the snapshots.. try the follwoing changes:

     

    App Registration > Authentication

    • add another Redirect URI, with just the Portal URL
    • enable ID Tokens for implicit grant

    OliverRodrigues_0-1620760068856.png

    SignUpSignIn > Properties

    • those look fine to me

    SignUpSignIn > User Attributes / Application Claims

    • I normally also enable Surname/Given Name, but that's optional

    Reset Password > Properties

    • Issuer claim doesn't seem right to me, can you select the other (non-TFP) option from the drop-down (but keep TFP selected in the toggles there):

    OliverRodrigues_1-1620760518717.png

     

    Reset Password > Application Claims

    • In my environment I only have selected Given Name/Surname, but I don't think this would make any difference

    Portal Configuration > Valid Issuers

    • Here you need both Issuer URL for your Sign Up Sign In + Reset Pwd flows, the article above I shared explains how to retrieve those URLs

     

    hope this helps

  • Bryant Boyer Profile Picture
    Bryant Boyer 106 on at

    Thank you Oliver!! I applied all the changes except the claims ones and it worked!!

    I don't know if anyone from the product team is here in the forum, but it would be helpful feedback I think that the wizard in the make.preview.powerapps.com sets up the issuer incorrectly for password reset flows.

     

    Thanks again Oliver, you rock!

  • oliver.rodrigues Profile Picture
    oliver.rodrigues 9,368 Most Valuable Professional on at

    I am glad it worked 

     

    @justinburch would you be able to let the product team aware of this possible issue? 

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities
Season of Giving Solutions is Here!
Explore Copilot Studio Forums, Blogs & Galleries!

Quick Links

Forum hierarchy changes are complete!

In our never-ending quest to improve we are simplifying the forum hierarchy…

Ajay Kumar Gannamaneni – Community Spotlight

We are honored to recognize Ajay Kumar Gannamaneni as our Community Spotlight for December…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Power Pages

#1
Jerry-IN Profile Picture

Jerry-IN 71

#2
Fubar Profile Picture

Fubar 62 Super User 2025 Season 2

#3
sannavajjala87 Profile Picture

sannavajjala87 31

Last 30 days Overall leaderboard

Featured topics

Solution to LinkedIn Authentication in Power Apps Portals
Welcome to the Power Pages forum!

Product updates

Microsoft Power Platform Community release plans