英文:
Azure AD B2C ChangePassword custom policy "Invalid username or password."
问题
Azure AD B2C自定义策略中存在密码更改的问题。
我正在将用户流和自定义策略结合使用Azure AD B2C。一切都正常:注册、登录、重置密码、模拟用户。在Azure门户中,更改密码的自定义策略正常工作,但是在Angular SPA中尝试自定义策略时,会返回错误“用户名或密码无效”。
关键点如下:
- “更改密码”自定义策略 - 在Azure门户中执行时正常工作。
- 但是,当从Angular SPA(已登录、已验证用户)重定向时,相同的策略返回错误**“用户名或密码无效”**,状态代码为400。
以下用户流正常工作:登录、注册、重置密码。自定义策略以模拟用户也正常工作。唯一的问题发生在尝试从单页面应用程序(Angular)执行“更改密码”自定义策略时。
我使用了以下自定义策略的基本包:https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack
如果有人能提出可能发生这种情况的原因或如何调查的建议,我将不胜感激。
英文:
there is a problem with Azure AD B2C custom policy for the password change.
I'm combining User Flows and Custom Policies for the Azure AD B2C. Everything works fine: signup, login, reset password, impersonate user. The custom policy for changing the password works fine on the Azure portal - when I try the custom policy, however in the Angular SPA, it returns an error "Invalid username or password."
The key points here are following:
- The "Change Password" custom policy - works fine when executing it from
the Azure portal. - The same policy returns: "Invalid username or
password." error with status code 400 when redirected from an Angular
SPA (with logged in, authenticated user)
The following User Flows work fine: Login, Signup, ResetPassword. Custom policy to Impersonate a user also works fine. The only problem happens when trying to execute the "Change Password" custom policy from a single page application (Angular).
I've used the following base packs for the Custom Policies: https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack
If someone can suugest the possible reasons why this happens or how to investigate it - I would much appreciate
答案1
得分: 2
不能混合使用用户流程和自定义策略。
对于任何用例,请使用全部用户流程或全部自定义策略。
英文:
You cannot mix and match user flow and custom policies.
For any use case, use either all user flows or all custom policies.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论