Change Password and Name when using Azure AD B2C as Default Authentication Method

(0) Share

Report

Posted on by Amad233

Hi,

I am currently using Azure AD B2C on my Power Page website.

Up until now everything is fine, my users are able to do the following:

- Sign Up (With email verification Code)

- Log in

- Forget Password

My client asked me what if the user wants to change his password or his name ??

I think this is something which is very common in all systems and should be feasible.

I am using only Azure AD B2C as authentication method (I set it as Default), how to I allow the user to:

- Change his password

- Change his first name and last name

Without ruining all the existing functionalities

Hopefully one of you pro developers has come across this. Please let me know.

Categories:

Security

I have the same question (0)

All responses (3)

Answers (0)

Fubar 8,375 Super User 2025 Season 2 on at

Like (1)

Report

The password itself is on the B2C side of things (i.e. it is not stored in Power Pages), see the Create password reset user flow in this link https://learn.microsoft.com/en-us/power-pages/security/authentication/azure-ad-b2c-provider#create-user-flows and also "Enter site settings and password reset settings in Power Pages" further down that link

In Power Pages, the users First Name/Last Name is stored in their Contact record, and is able to be updated on the Profile Page, which should be under the user's name in the top right of the navigation menu (this is assuming they have a Table Privilege on the Contact table with scope = self - which should be there by default for the Authenticated Users web role). Note: depending on which template you setup your site with the Profile Page may not be obvious (there's at least one template where you have to click next to get to the profile info)

Was this reply helpful? Yes No
Amad233 27 on at

Like (0)

Report

Thank you for your response.

That does not answer my question though, my users already have the forget password option using the forget password flow. But that is not how any system provides a change password functionality.

I need to provide the user an interface where he can change his password and remember I am only using Azure AD B2C as authentication method. Meaning that when the user changes his password it should apply both in the contact table and in the Azure B2C directory as well.

Was this reply helpful? Yes No
Fubar 8,375 Super User 2025 Season 2 on at

Like (1)

Report

Your users Azure AD B2C password is never stored in Power Pages/Dataverse - the only authentication method that stores a password hash is if you use Local Login. You need to think of Azure AD B2C as logging in with Facebook or Google (it is just another external identity provider, you just happen to control it as its in your domain) - you do not change your Facebook or Google password on another random site that you have logged in to (someone may provide a link to the FB or Google password change page - or embed it if that's allowed by the provider).

Did follow the whole linked page - point #3 in this section of that link https://learn.microsoft.com/en-us/power-pages/security/authentication/azure-ad-b2c-provider#enter-site-settings-and-password-reset-settings-in-power-pages is where you setup the power pages side of things. When your user is logged in and on your sites Profile Page the change password link should then take them to the B2C.

In the old days you would also configure Web Templates/Page with HTML, but the documentation for this appears to no longer exist and is now based on several Site Settings (which is what that point #3 will create behind the scenes)

Was this reply helpful? Yes No