We've successfully implemented Azure AD B2C for authentication in our web application, and now I'm on to trying to use a built-in policy for Password Reset. The web app successfully captures the error code (AADB2C90118) thrown when the user clicks the Forgot Password link, redirecting to the Account/ResetPassword method which properly performs the Challenge, sending the user through the Password Reset experience.
The user gets validated and is able to change their password, but when the response is posted back to the web app, we end up in the AuthenticationFailed event with the following exception:
IDX10500: Signature validation failed. Unable to resolve SecurityKeyIdentifier: 'SecurityKeyIdentifier
 (
 IsReadOnly = False,
 Count = 1,
 Clause[0] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause
 )
',
token: '{"typ":"JWT","alg":"RS256","kid":"X5eXk4xyojNFum1kl2Ytv8dlNP4-c57dO6QGTVBwaNk"}.{"exp":1537473897,"nbf":1537470297,"ver":"1.0","iss":"https://login.microsoftonline.com/1f0535de-b375-48bf-8bc8-d9e0b6ff185a/v2.0/","sub":"454bd9a9-7a7c-4e7f-9535-213e07408d14","aud":"f3afd0e2-9f6e-435a-918c-e8c542f9f5ad","nonce":"636730670637853311.OTk5YTlhMWYtOTQyYi00ZDBjLTg0ZjItZDExMjI5MTQ5NzU1ZTY5MzZjODgtMmE2Yi00NmQ0LTg0MTYtOTc5YTJjNWEzOGQ4","iat":1537470297,"auth_time":1537470297,"emails":["[email protected]"],"oid":"454bd9a9-7a7c-4e7f-9535-213e07408d14","name":"hbecker","tfp":"B2C_1_SSPR"}'.
I can't seem to find anyone with this issue in the Password Reset process in B2C, so any help is appreciated!
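Added diagnostic, not part of the question above and not code from the asker's application. IDX10500 means the validator could not find a signing key whose kid matches the token header. Azure AD B2C publishes a separate OpenID Connect metadata document, and therefore a separate jwks_uri, for each policy, so an OIDC middleware configured with one policy's metadata loads only that policy's signing keys. The token in the exception carries tfp B2C_1_SSPR, so the check a practitioner would run is: does this kid appear in the key set the middleware actually loaded, and does it appear in the key set of the policy named in tfp? The script below performs that check offline. The header and claims are copied from the exception; the signature placeholder, the sign-in policy name B2C_1_SignIn, and both JWKS documents are constructed assumptions, and no signature is verified here.

```python
import base64
import json

# Header and selected claims copied from the token quoted in the exception.
HEADER = {"typ": "JWT", "alg": "RS256", "kid": "X5eXk4xyojNFum1kl2Ytv8dlNP4-c57dO6QGTVBwaNk"}
CLAIMS = {
    "iss": "https://login.microsoftonline.com/1f0535de-b375-48bf-8bc8-d9e0b6ff185a/v2.0/",
    "aud": "f3afd0e2-9f6e-435a-918c-e8c542f9f5ad",
    "tfp": "B2C_1_SSPR",
}

# Constructed stand-ins for what each policy's jwks_uri would return.
# Policy names and the sign-in kid are assumptions, not values from the page.
SIGNIN_POLICY = "B2C_1_SignIn"
RESET_POLICY = "B2C_1_SSPR"
JWKS_BY_POLICY = {
    SIGNIN_POLICY: {"keys": [{"kty": "RSA", "use": "sig", "kid": "signin-policy-key-1"}]},
    RESET_POLICY: {"keys": [{"kty": "RSA", "use": "sig", "kid": HEADER["kid"]}]},
}


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def build_token(header: dict, claims: dict) -> str:
    # Assemble a compact JWS with a placeholder signature (assumed, not real).
    parts = [b64url_encode(json.dumps(header, separators=(",", ":")).encode()),
             b64url_encode(json.dumps(claims, separators=(",", ":")).encode()),
             b64url_encode(b"placeholder-signature")]
    return ".".join(parts)


def peek(token: str) -> tuple:
    # Decode header and claims WITHOUT verifying the signature. Use only for
    # diagnostics; never trust these values for authorization decisions.
    header_b64, claims_b64, _sig = token.split(".")
    return json.loads(b64url_decode(header_b64)), json.loads(b64url_decode(claims_b64))


def kids_for(policy: str, jwks_by_policy: dict) -> set:
    return {k.get("kid") for k in jwks_by_policy.get(policy, {}).get("keys", [])}


def diagnose(token: str, configured_policy: str, jwks_by_policy: dict) -> dict:
    # Report whether the token's kid resolves against the key set the
    # middleware was configured with, and against the issuing policy's set.
    header, claims = peek(token)
    kid = header.get("kid")
    issuing_policy = claims.get("tfp")
    return {
        "kid": kid,
        "issuing_policy": issuing_policy,
        "configured_policy": configured_policy,
        "kid_in_configured_keys": kid in kids_for(configured_policy, jwks_by_policy),
        "kid_in_issuing_policy_keys": kid in kids_for(issuing_policy, jwks_by_policy),
        "policy_mismatch": issuing_policy != configured_policy,
    }


if __name__ == "__main__":
    tok = build_token(HEADER, CLAIMS)
    for policy in (SIGNIN_POLICY, RESET_POLICY):
        print(json.dumps(diagnose(tok, policy, JWKS_BY_POLICY), indent=2))
```

Against a live tenant the same check is done by fetching the jwks_uri from each policy's metadata document (the one the middleware is configured with and the one for the policy in tfp) and running diagnose over the real key sets; if the kid is only present in the tfp policy's set, the validator was handed a key set for a different policy than the one that issued the token.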