
Issue with Session Provider in SelfAsserted-ForcePasswordReset-ExpiredPassword

Open shmiyaza-MSKK opened this issue 2 years ago • 1 comments

Description

I noticed an issue in the sample custom policy located at: force-password-reset

On line 136, the session provider for SelfAsserted-ForcePasswordReset-ExpiredPassword is set to SM-Noop. This means claims like ObjectId are not persisted in the session. When executing the UserJourney with an active session, the following error occurs:

AADB2C90304: User journey went into a bad state. Claims exchange with id 'LocalAccountSigninEmailExchange' could not be found in orchestration step '2'.

Suggested Fix

To resolve this, the session provider should be changed to SM-AAD to ensure claims are persisted.

<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
 

shmiyaza-MSKK avatar Aug 14 '23 01:08 shmiyaza-MSKK

This is correct. I was also facing the same issue, and was able to fix it by changing it to SM-AAD.

hamzaanjum avatar Oct 24 '23 14:10 hamzaanjum
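A check for the misconfiguration reported in this issue, as an added example that is not part of the issue or of the sample repository: it scans a custom policy for technical profiles that declare output claims while bound to SM-Noop. The policy fragment is constructed, and the second profile name and the function name are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed policy fragment (not the sample's real file); only the element
# names follow the Azure AD B2C custom policy schema.
SAMPLE_POLICY = """\
<TrustFrameworkPolicy xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <ClaimsProviders>
    <ClaimsProvider>
      <TechnicalProfiles>
        <TechnicalProfile Id="SelfAsserted-ForcePasswordReset-ExpiredPassword">
          <OutputClaims>
            <OutputClaim ClaimTypeReferenceId="objectId" />
          </OutputClaims>
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
        </TechnicalProfile>
        <TechnicalProfile Id="Hypothetical-Profile-Using-SM-AAD">
          <OutputClaims>
            <OutputClaim ClaimTypeReferenceId="objectId" />
          </OutputClaims>
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
        </TechnicalProfile>
      </TechnicalProfiles>
    </ClaimsProvider>
  </ClaimsProviders>
</TrustFrameworkPolicy>
"""

def find_noop_profiles(policy_xml, noop_id="SM-Noop"):
    """Return {profile Id: [output claim ids]} for profiles bound to noop_id."""
    root = ET.fromstring(policy_xml)
    findings = {}
    # "{*}" matches any namespace, so the check works with or without xmlns.
    for tp in root.findall(".//{*}TechnicalProfile"):
        sm = tp.find("{*}UseTechnicalProfileForSessionManagement")
        if sm is None or sm.get("ReferenceId") != noop_id:
            continue
        claims = [oc.get("ClaimTypeReferenceId")
                  for oc in tp.findall("{*}OutputClaims/{*}OutputClaim")]
        if claims:  # claims the issue says are not persisted in the session
            findings[tp.get("Id")] = claims
    return findings

if __name__ == "__main__":
    for profile, claims in find_noop_profiles(SAMPLE_POLICY).items():
        print(f"{profile}: session provider SM-Noop, output claims {claims}")
```

Each reported profile is a candidate for review, not necessarily a defect: a profile bound to SM-Noop only matters when a later step needs its output claims during a journey that runs with an active session.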