Power Pages - Power Apps Portals
Suggested answer

Azure B2C login returning invalid sign in attempt

I have a page set up to allow users access only through Azure B2C.
We create a contact, then a flow creates that contact as a user in our B2C tenant.
We are able to go through the initial login and are met with the forced password reset.
Once we get through that, it redirects to the login page saying "Invalid sign in attempt".
When we try to log in again with the new password we get the same error; however, in Azure the user does show as having a successful sign-in (previously it showed as interrupted when we went through the password reset).
There is no external identity being linked to the contact.
We have registration enabled in our identity provider.

Any ideas what is stopping our users getting onto the page?

Many Thanks
 
  • Uberlord 4
    @Fubar thanks for responding. It is a normal setup as per the docs: I've got an existing contact and a flow creating the B2C Azure user, and I have it set up on the identity provider to map the contact with the email. I was following a tutorial and this is what automatically created the external identity for the contact.
    I'm pretty sure this is where the process is falling over but I can figure out what's stopping it creating the external identity.

    Many thanks for your time
  • Suggested answer
    Fubar 7,647
    As you are creating the B2C user based on an existing Contact, what have you got set up?
    What general authentication settings (not in the specific identity providers) do you have for Power Pages, e.g. Open Registration enabled?

    The linkage between your B2C and Contact will be an External Identity record (in Dataverse). Are you creating this record?
    • If not, there are really only 2 ways to link the B2C and Contact: A) use the Invitations functionality and send the Contact an Invitation, or B) enable email mapping on the Identity Provider setup in the Power Pages Designer (the mapping is an option in the Identity Provider Setup under a collapsed Advanced or Additional heading). If you are not doing either of these things you will have problems, as the B2C will not link to your desired Contact record (if Power Pages is set up for Open Registration it may attempt to create a new Contact record, but if it's not set up for Open Registration it will not be able to sign the user into the Power Pages site, as there is no existing External Identity record that either of the 2 options A or B would create).
    • If you are creating the External Identity record, did you also set the Security Stamp (must be a GUID), Username, and set the Login Enabled field to Yes on the Contact record?
    Other stuff may be related to B2C policies and claims mapping setup (is it a standard B2C setup as per https://learn.microsoft.com/en-us/power-pages/security/authentication/azure-ad-b2c-provider ?)
     
  • Uberlord 4
    @SaiRT14 Thanks for the response. I'm returning the Email and the Object ID; I've not got UPN as a claim option.
    Equally, I'm not able to see the option to return claim as UPN inside the user flow. I've included a screenshot of the options I have available in the flow.
    The only claim I have in my identity provider is reading as emailaddress1=emails, to tie the B2C claim email to the main email of our Dataverse contacts table.
    Finally, my redirect in my B2C app is ending in signin-aad-b2c_2, which is the same as my redirect URL in the identity providers section (I had one previously that I removed as I've been troubleshooting this for a while, hence the 2 suffix).
  • SaiRT14 1,474
    In Azure AD B2C, ensure the custom or predefined password reset flow redirects back to your Power Pages with a valid token. Confirm that the password reset flow includes all necessary claims (e.g., email, userPrincipalName, objectId). Go to Azure AD B2C > User Flows > Password Reset > Properties: ensure "Return claim as User Principal Name" is included.

    Inspect the Reply URL: Ensure the Reply URL in the Azure AD B2C application matches your Power Pages site URL. Example: https://yourportal.powerappsportals.com/signin-oauth.
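
Added example, not part of any reply in this thread and not Microsoft's code: a small offline check of the two things the replies ask about, namely whether the token the site receives carries every claim named in the claims mapping (`emailaddress1=emails`), and whether the site's redirect URL is registered on the B2C app. It assumes the Object ID application claim appears in the token as `oid`; the function names, sample tokens and the stale redirect URL are constructed for illustration.

```python
import base64
import json
from urllib.parse import urlsplit


def make_token(claims: dict) -> str:
    """Build an unsigned, constructed JWT so the example runs offline."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed-signature"


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload without verifying it (troubleshooting only)."""
    payload = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


def origin_and_path(url: str) -> tuple:
    parts = urlsplit(url)
    # Scheme and host compare case-insensitively; the path must match exactly.
    return parts.scheme.lower(), parts.netloc.lower(), parts.path


def check_login(token, claims_mapping, extra_claims, site_redirect, app_redirects):
    """Return the reasons the token could not be tied to an existing contact."""
    claims, problems = jwt_claims(token), []
    # Mapping syntax as quoted in the thread: "<contact column>=<claim>", comma separated.
    wanted = [pair.partition("=")[2].strip() for pair in claims_mapping.split(",") if pair.strip()]
    for name in wanted + list(extra_claims):
        if not claims.get(name):  # absent, empty string or empty list
            problems.append(f"claim '{name}' missing or empty")
    if origin_and_path(site_redirect) not in {origin_and_path(u) for u in app_redirects}:
        problems.append("site redirect URL is not registered on the B2C app")
    return problems


# Constructed sample data; the host is the placeholder used in the thread.
SITE = "https://yourportal.powerappsportals.com/signin-aad-b2c_2"
STALE = "https://yourportal.powerappsportals.com/signin-aad-b2c"
OID = "00000000-0000-0000-0000-000000000001"  # constructed object ID
SIGN_IN = make_token({"oid": OID, "emails": ["user@example.com"]})
AFTER_RESET = make_token({"oid": OID})  # constructed case: flow returns no emails claim

if __name__ == "__main__":
    print(check_login(SIGN_IN, "emailaddress1=emails", ["oid"], SITE, [SITE]))
    print(check_login(AFTER_RESET, "emailaddress1=emails", ["oid"], SITE, [STALE]))
```

To use it on a real sign-in, paste the `id_token` captured from the browser's network trace in place of the constructed tokens; the payload is only decoded, not signature-checked, so treat the output as a troubleshooting aid.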
