On the B2C login form we have two additional links:

which lead us to the next sections:


Both of them have cancel button in place.
But when I click cancel I'm redirected not to the main login form, but to my_app_host/.
Could you please describe how can I override this behavior and make those buttons redirect me to the login form (first image)?
We have this web app B2C sample. When I run it, the cancel button redirects to the login page correctly. Perhaps Reply URL needs to be set?
Hi @pmaytak the problem was that in my application I have [Authorize] applied on a single action only when in the app you mentioned it's applied globally. It also has / route (which leads to /Home/Index) and that makes the cancel button work.
Ok, probably I know another case.
/todolist/create as expectedBut
Forgot your password?Cancel/, but not on /todolist/create as requestedThank you for that detailed repro. We'll investigate.
@pmaytak do you have an update on this?
@jennyf19 I didn't get a chance to look at it. Could you investigate, if not I can make time after my current work item.
@hankovich Apologies for a late reply.
This behavior applies also to the Sign up, and Edit Profile flows. When a user cancels that action, the error is caught and redirected back to home page here:
https://github.com/AzureAD/microsoft-identity-web/blob/66103b7790904221f04f70592c8e6d4dcc73428c/src/Microsoft.Identity.Web/AzureADB2COpenIDConnectEventHandlers.cs#L83
And additionally in Microsoft.Identity.Web.UI AccountController, there are home page redirects after those user flows are successfully finished. Like here:
https://github.com/AzureAD/microsoft-identity-web/blob/66103b7790904221f04f70592c8e6d4dcc73428c/src/Microsoft.Identity.Web.UI/Areas/MicrosoftIdentity/Controllers/AccountController.cs#L144
I'll research a bit more on the fix.
@hankovich the problem is that currently the "reset-password" flow is handled by the application. the b2C team is working on making it handled by the service itself (which should have been). When that's done, the behavior will be right.
Meanwhile, if you want to override the onRedirectToIdentityProvider even to detect that there is a password reset and it got cancelled, you might be able to do something. Would that work for you?
cc; @pmaytak
@jmprieur For now I do not want to handle it myself, I was thinking about it as a workaround for the issue with redirect.
Do you have any information on when the b2c team is going to release the changes you mentioned?
@nickgmicrosoft would you know?
@hankovich we have been told end of Dec 2020, so we will see. We'll keep you posted.