Customising/Localizing the error text in Azure AD B2C custom policies - azure

I am unable to customize the following error message in an Azure AD B2C custom policy.
This message appears in the password reset policy if the entered email address doesn't exist.
To localize this I used the following ID, but it's not working.
<LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfClaimsTransformationStringsAreNotEqual">sample text</LocalizedString>

You need to use a different string id - UserMessageIfClaimsPrincipalDoesNotExist.
<LocalizedString ElementType="ErrorMessage"
StringId="UserMessageIfClaimsPrincipalDoesNotExist">sample test.</LocalizedString>
https://learn.microsoft.com/en-us/azure/active-directory-b2c/localization-string-ids

Related

Azure B2C: Email address not available as application claim and also missing in claims result

I am configuring an Azure B2C instance and created a signupsignin userflow. Selecting "Display Name" and "Email Address" as User attributes I expected that it was possible to add those two attributes also as Application claims but "Email Address" is not a default option, only "Email Addresses". Even with that option on, when testing the userflow I can't see the "Email address" included as a claim. How do I have to configure Azure B2C using userflow (not custom policy) and getting the email address back?
I tried to reproduce the same in my environment and got the below results:
In my B2C tenant, I created one Sign up and sign in user flow by enabling emails in return claim as below:
I created one B2C application and selected it while running user flow like below:
When I ran the user flow, it displayed sign in screen with email address as below:
If the user signs in successfully, they will get code in their address bar along with redirect Uri like this:
I used the above code to generate token via Postman like below:
POST https://tenant.b2clogin.com/tenant.onmicrosoft.com/B2C_1_SignUpSignIn/oauth2/v2.0/token
client_id: AppID
grant_type: authorization_code
scope: openid
client_secret: client_secret
code: //copy the code you got above
redirect_uri: https://jwt.ms
Response:
When I decoded this token, I got emails claim successfully like below:
If you are not using Email sign-up method, make sure to update user's profile by adding email before running user flow like below:

ADB2C Password Reset page localization

We are using custom policies with ADB2C and are passing ui_locales in the signup_signin url for the localization. However, B2C doesn't propagate this to the Self Service Password Reset flow. We set it up following the instructions here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-password-reset-policy?pivots=b2c-custom-policy#self-service-password-reset-recommended
Is there a way to propagate ui_locales to Password Reset form in Custom Policies? The url for Password Reset is out of our control and is constructed by B2C itself.
• Yes, you can surely configure the page localization option for the ‘Password Reset’ policy page by configuring the ‘Azure AD B2C Embedded Password Reset’ flow wherein the default ‘Password Reset’ flow policy gives out the error code ‘AADB2C90118’ when a specific password reset policy is not invoked through the custom policy.
• Thus, to use the ‘Azure AD B2C Embedded Password Reset’ flow policy in your Azure AD B2C custom policy, kindly follow the link below for more details, wherein the ‘B2C_1A_Demo_SignUp_SignIn_SSPR’ custom policy is used instead of the default ‘SigninOrSignUp’ starter policy:
https://github.com/azure-ad-b2c/samples/tree/master/policies/embedded-password-reset/policy
If you use the above specified custom policy, then ensure to include the below ‘Localization’ element in the ‘TrustFrameworkExtensions.xml’ file such that supported languages are made available in the custom policy accordingly:
<Localization Enabled="true">
  <SupportedLanguages DefaultLanguage="en" MergeBehavior="ReplaceAll">
    <SupportedLanguage>en</SupportedLanguage>
    <SupportedLanguage>es</SupportedLanguage>
  </SupportedLanguages>
</Localization>
• Once the above localization code is made available in the ‘TrustFrameworkExtensions.xml’ file, ensure that the below option in the image occurs for you to translate the ‘Reset Password’ to be able to display as shown below such that when selected, the respective language is available for display and resetting the password.
To know more about this, please refer to the link below for more details:
AD B2C - ui_locales not propagated from SignIn to PasswordReset

Is there a way to force email verification in Azure B2C before allowing user to click Create or update the vague error message when not verified?

I have an Azure AD B2C Sign up and sign in policy and would like to improve the user experience for creating an account. If a new user does not click the Send verification code button and fills out the remainder of the form fields when creating a new Azure AD B2C account, they receive "A required field is missing. Please fill out all required fields and try again.":
Most users are confused on what the missing required field is, as there is no input simply a button to Send verification code. I would like to either force a user to click the button and verify their email before they are able to click the Create button or provide a more descriptive error message like: "A required field is missing or the Email Verification Code has not been sent/verified".
Does anyone know how I can do either of these without going down the custom page content route?
If it is a sign-in/sign-up user flow, error messages or the flow can be customized only through the user interface with HTML templates, which it looks like you don't prefer, as you said
"without going down the custom page content route"
You can make use of localization if you use custom policies, which use TrustFrameworkExtensions.xml
The IDs for a content definition with an ID of api.localaccountsignup. Localization string IDs - Azure Active Directory B2C | Microsoft Docs / localization-string-ids
You need to make changes in the appropriate “api.xxx” action. In this case, it’s “api.localaccountsignup”.
The XML changes to the TrustFrameworkExtensions.xml file are:
ID : error_requiredFieldMissing
Default value : A required field is missing. Please fill out all required fields and try again.
<LocalizedResources Id="api.localaccountsignup.en">
  ...
  <LocalizedString ElementType="UxElement" StringId="error_requiredFieldMissing">A required field is missing. Please fill out all required fields and try again.</LocalizedString>
  ...
</LocalizedResources>
We may need to change it to
<Localization Enabled="true">
  <SupportedLanguages DefaultLanguage="en" MergeBehavior="ReplaceAll">
    <SupportedLanguage>en</SupportedLanguage>
  </SupportedLanguages>
  <LocalizedResources Id="api.localaccountsignup.en">
    <!-- Change the error message here -->
    <LocalizedStrings>
      <LocalizedString ElementType="UxElement" StringId="error_requiredFieldMissing">A required field is missing or the Email Verification Code has not been sent/verified as not clicked on send verification code</LocalizedString>
    </LocalizedStrings>
  </LocalizedResources>
</Localization>
Please refer to:
Customising the message/error text in Azure AD B2C custom policies | by Rory Braybrook
get-a-proper-error-message or customising/localizing the error in b2c-custom-policies
Localization string IDs - verification-display-control| Microsoft Docs
Separate the email verification code step from the actual signup, might be a workaround for you.
The below custom policy shows how to achieve this:
Separate the Email Verification and User Registration into 2 separate screens
Live Demo
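The answers above override a string for `en` only, while the password reset thread lists both `en` and `es` as supported languages. The following Python check is an added example, not code from any of the posts: it parses a `Localization` element and reports every overridden `StringId` that has no counterpart in another supported language. The policy fragment is constructed, and the `<content definition id>.<language>` form of the `LocalizedResources` Id is assumed from the IDs shown on this page.

```python
import xml.etree.ElementTree as ET

# Constructed fragment; a real policy file wraps this in a namespaced TrustFrameworkPolicy root.
SAMPLE = """
<Localization Enabled="true">
  <SupportedLanguages DefaultLanguage="en" MergeBehavior="ReplaceAll">
    <SupportedLanguage>en</SupportedLanguage>
    <SupportedLanguage>es</SupportedLanguage>
  </SupportedLanguages>
  <LocalizedResources Id="api.localaccountsignup.en">
    <LocalizedStrings>
      <LocalizedString ElementType="UxElement" StringId="error_requiredFieldMissing">A required field is missing or the email has not been verified.</LocalizedString>
    </LocalizedStrings>
  </LocalizedResources>
  <LocalizedResources Id="api.localaccountpasswordreset.en">
    <LocalizedStrings>
      <LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfClaimsPrincipalDoesNotExist">sample text</LocalizedString>
    </LocalizedStrings>
  </LocalizedResources>
  <LocalizedResources Id="api.localaccountpasswordreset.es">
    <LocalizedStrings>
      <LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfClaimsPrincipalDoesNotExist">texto de ejemplo</LocalizedString>
    </LocalizedStrings>
  </LocalizedResources>
</Localization>
"""

def local(tag):  # strip a "{namespace}" prefix from an element tag
    return tag.rsplit("}", 1)[-1]

def missing_overrides(xml_text):
    """Return (content definition, language, ElementType, StringId) for each missing override."""
    root = ET.fromstring(xml_text)  # raises ET.ParseError on unbalanced or invalid XML
    langs, seen = [], {}
    for el in root.iter():
        name = local(el.tag)
        if name == "SupportedLanguage":
            langs.append(el.text.strip())
        elif name == "LocalizedResources":
            cd, _, lang = el.get("Id").rpartition(".")  # assumed "<id>.<language>" convention
            for s in el.iter():
                if local(s.tag) == "LocalizedString":
                    key = (s.get("ElementType"), s.get("StringId"))
                    seen.setdefault((cd, key), set()).add(lang)
    return sorted((cd, lang, *key) for (cd, key), have in seen.items()
                  for lang in langs if lang not in have)

if __name__ == "__main__":
    print(missing_overrides(SAMPLE))
```

Because the fragment is parsed before it is inspected, an opening tag used where a closing tag belongs is reported as a parse error rather than silently ignored.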

Unable to translate error message in AD B2C custom policy "Unable to validate the information provided."

We are using AD B2C custom policies for our sign-in flows and we are also doing language customization.
Even if it's possible to localize the error messages using custom policies (https://learn.microsoft.com/en-us/azure/active-directory-b2c/localization-string-ids), for example:
<LocalizedResources Id="api.localaccountsignup.en">
  <LocalizedStrings>
    <LocalizedString ElementType="ErrorMessage" StringId="DefaultUserMessageIfRequestFailed">Failed to establish connection to restful service end point.</LocalizedString>
    <LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfCircuitOpen">Unable to connect to the restful service end point.</LocalizedString>
    <LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfDnsResolutionFailed">Failed to resolve the hostname of the restful service endpoint.</LocalizedString>
    <LocalizedString ElementType="ErrorMessage" StringId="UserMessageIfRequestTimeout">Failed to establish connection to restful service end point within timeout limit.</LocalizedString>
  </LocalizedStrings>
</LocalizedResources>
I cannot find a key for the message "Unable to validate the information provided."
Also, it doesn't have an ID.
You cannot customise this error as this occurs when the actual policy has been configured in such a way that it cannot actually handle the users page submission. It indicates your policy has a bug in its logic.
You should troubleshoot why this error is occurring:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/troubleshoot?pivots=b2c-user-flow
One of the validation technical profiles during the sign in technical profile is problematic.
This error will never be displayed to a user with a policy that’s configured to handle all scenarios the can force. Hence there is no localisation available or needed for this error.

Azure b2c custom email verification with SendGrid for reset password policy

I am following the tutorial
Custom email verification with SendGrid, but I want to do that for the reset password policy.
Everything is working fine except that for <ContentDefinition Id="api.localaccountpasswordreset"> my <LocalizedString> elements are not displayed.
TechnicalProfile in <UserJourney>
And the elements that are not displayed
Thanks for any advice.
You are using Display Controls to integrate SendGrid. The correct StringIds are found here.
verification_control_but_change_claims
verification_control_fail_send_code
verification_control_fail_verify_code
verification_control_but_send_code
verification_control_but_send_new_code
verification_control_but_verify_code
verification_control_code_sent
