We're trying to build a connected solution using Azure. We offer the user an option to sign up via an email account or sign in via a social networking site using Azure B2C on a mobile application. We also want the user to have an option to edit their details like name, password etc.
Any details other than password can be changed after asking the user to sign in again. Password is changed via the Forgot password function. (with literally the user being a sent a reset link and title being 'Forgot password'
These are not quite right from a user's perspective. Is Azure B2C limiting this functionality in any way? Is it possible to make it more user friendly such as
All details can be edited without signing in again. Changing password is allowed after providing the old password.
At the very least, it should be possible to update the title / flow of these functions.
There are two kinds of account in Azure AD B2C. One is local account and the another is social account.
We are only able to update the password of local account since Azure AD manages the password for local account.
And no matter what kind of application, we can using the Microsoft Graph to update the profile. Here is a sample to update the password for your reference:
PATCH:https://graph.microsoft.com/v1.0/users/{userId}
Authorization: Bearer {access_token}
{
"passwordProfile": {
"password": "newPassword",
"forceChangePasswordNextSignIn":false
}
}
And more detail about user updating, you can refer link below: