AzureAD / microsoft-authentication-library-for-js

Microsoft Authentication Library (MSAL) for JS
http://aka.ms/aadv2
MIT License

Issue with Password Reset Redirect Loop in MSAL Browser for B2C Users #7130

Open pecoram opened 1 month ago

pecoram commented 1 month ago

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.13.0

Wrapper Library

Not Applicable

Wrapper Library Version

2.0.0

Public or Confidential Client?

Public

Description

Hello,

I have a problem with my application using the MSAL Browser library. The issue is that when a B2C user changes their password and then returns to the login page, they are redirected back to the reset password page instead of the login page.

Unfortunately, I do not have the possibility to modify the login page because it is developed by a third party. How can I resolve this issue? Is there a way to reset the user's "reset password" state before calling loginRedirect again?

Error Message

No response

MSAL Logs

No response

Network Trace (Preferably Fiddler)

MSAL Configuration

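const msalConfig = {
  auth: {
    clientId: 'xxx',
    // Authority URL includes the B2C policy name as its last path segment
    authority: 'https://xxx.b2clogin.com/xxx.onmicrosoft.com/B2C_1A_EVENTS_SIGNIN_V2',
    knownAuthorities: ['xxx.b2clogin.com'],
    redirectUri: '/mypage.html',
  },
  cache: {
    // Tokens and account state are cached in localStorage
    cacheLocation: 'localStorage',
    storeAuthStateInCookie: false,
  },
};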

Relevant Code Snippets

msalInstance.loginRedirect(loginRequest);

Reproduction Steps

The steps to reproduce the issue are:

  1. Call loginRedirect
  2. Land on the login page
  3. Click on reset password
  4. Get redirected to the reset password page
  5. Reset the password
  6. Get logged in
  7. Get redirected to the redirect URI page
  8. Call loginRedirect again for various reasons
  9. Land on the reset password page instead of the login page

Expected Behavior

Land on the reset password page instead of the login page.

Identity Provider

Azure B2C Basic Policy

Browsers Affected (Select all that apply)

WebView in an Android/IOS app

Regression

No response

Source

External (Customer)

pecoram commented 3 weeks ago

up