0
votes

In the reset password policy, on the first screen the user can enter an email address and verify it using the code received by email. But I want to split this screen so that the user enters only the email address on the first screen, and after pressing the continue button receives the verification code by email. On the second screen the user can enter the verification code, and on pressing the continue button the code should be verified. If verification succeeds, the user is taken to the next screen and can enter a new password; otherwise an error is shown and the user can regenerate a new code for verification.

Flow:

screen 1 (enter email and press continue; in the background, generate a verification code and send it by email) -> screen 2 (enter the verification code and press continue; in the background, verify the code; if it succeeds go to the next screen, else show an error) -> screen 3 (enter a new password and continue with the rest of the flow as it is). Is it possible to achieve this without using any API calls?


1 Answer

0
votes

This can be achieved in a Custom Policy as a page process:

  1. The user enters an email and submits the form via a Self-Asserted technical profile. A Validation Technical Profile checks whether the account exists, and throws an error if it does not, by calling an Azure AD technical profile with a Read operation.
  2. If the email exists, the user moves on to a new page (next orchestration step); here the email is presented to the user in read-only form, and the user must click Verify Email.
  3. The email is sent to the user, who is known to exist.
  4. In the next step (next orchestration step), the user enters the verification code and presses continue. In the background, the code is verified; if it succeeds, go to the next screen, else give an error.
  5. In the next step (next orchestration step), the user enters the new password and continues with the rest of the flow as it is.

One limitation is that after the user gets to step 2, they cannot go back to change the email. They would have to cancel and start again.
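One way to express the flow in the answer as custom policy XML, added here as an illustration and not the answerer's own policy. It assumes the starter pack's `AAD-UserReadUsingEmailAddress`, `LocalAccountWritePasswordUsingObjectId` and `JwtIssuer` technical profiles and the `api.localaccountpasswordreset` content definition are present; the two `SelfAsserted-*` profile Ids, the journey Id and the ClaimsExchange Ids are hypothetical names.

```xml
<!-- Step 1: email entry only. The validation profile (starter pack, with
     RaiseErrorIfClaimsPrincipalDoesNotExist="true") rejects unknown accounts here,
     so a code is never generated for an address that has no local account. -->
<TechnicalProfile Id="SelfAsserted-PasswordResetEmailEntry">
  <DisplayName>Enter your email address</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  <Metadata><Item Key="ContentDefinitionReferenceId">api.localaccountpasswordreset</Item></Metadata>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="email" Required="true" />
    <OutputClaim ClaimTypeReferenceId="objectId" />
  </OutputClaims>
  <ValidationTechnicalProfiles>
    <ValidationTechnicalProfile ReferenceId="AAD-UserReadUsingEmailAddress" />
  </ValidationTechnicalProfiles>
</TechnicalProfile>
<!-- Step 2: the email from step 1 arrives as an input claim, and the Verified.Email
     partner claim type makes B2C render the send-code / verify-code controls and block
     Continue until the code has been verified. The validation profile is run again so
     that objectId is re-read for the address that was actually verified, not the one
     typed in step 1, should the user edit the field. -->
<TechnicalProfile Id="SelfAsserted-PasswordResetVerifyEmail">
  <DisplayName>Verify your email address</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  <Metadata><Item Key="ContentDefinitionReferenceId">api.localaccountpasswordreset</Item></Metadata>
  <InputClaims><InputClaim ClaimTypeReferenceId="email" /></InputClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="Verified.Email" Required="true" />
    <OutputClaim ClaimTypeReferenceId="objectId" />
  </OutputClaims>
  <ValidationTechnicalProfiles>
    <ValidationTechnicalProfile ReferenceId="AAD-UserReadUsingEmailAddress" />
  </ValidationTechnicalProfiles>
</TechnicalProfile>
<!-- Journey: one orchestration step per screen, then the password write and token issue. -->
<UserJourney Id="PasswordResetSplit">
  <OrchestrationSteps>
    <OrchestrationStep Order="1" Type="ClaimsExchange">
      <ClaimsExchanges><ClaimsExchange Id="PasswordResetEmailEntry" TechnicalProfileReferenceId="SelfAsserted-PasswordResetEmailEntry" /></ClaimsExchanges>
    </OrchestrationStep>
    <OrchestrationStep Order="2" Type="ClaimsExchange">
      <ClaimsExchanges><ClaimsExchange Id="PasswordResetVerifyEmail" TechnicalProfileReferenceId="SelfAsserted-PasswordResetVerifyEmail" /></ClaimsExchanges>
    </OrchestrationStep>
    <OrchestrationStep Order="3" Type="ClaimsExchange">
      <ClaimsExchanges><ClaimsExchange Id="NewCredentials" TechnicalProfileReferenceId="LocalAccountWritePasswordUsingObjectId" /></ClaimsExchanges>
    </OrchestrationStep>
    <OrchestrationStep Order="4" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
  </OrchestrationSteps>
</UserJourney>
```

The password write in step 3 uses the `objectId` produced by the validation profile, so the account that gets a new password is always the one whose address passed verification in step 2.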