Tags: azure, azure-active-directory, azure-ad-b2c

Azure AD B2C Self-Service Password Reset requires email verification. But how am I supposed to verify an email that is created by Azure?


As in the title, in our application we use Azure AD B2C with local account IDP. We wanted to enable users to do self-service password reset. For that, they need to verify their emails, but I don't quite understand how they are supposed to do that. Azure assigns them an email of type: @.onmicrosoft.com. How can they verify this email?

I tried different settings in the Reset password user flow, but nothing seemed to work.


Solution

  • As @juunas states, you should not be using the email form [email protected].

    These are corporate accounts, not customer accounts.

    Customer accounts are e.g. [email protected], [email protected] etc.

    These are outside of your organisation.

    B2C does not support B2B accounts. If you invite a user from another Entra ID tenant, these are admin. accounts.

    Corporate users would have M365 and hence can use Office to receive emails.

    The alternative is that these are federated accounts from another Entra ID IDP.

    In this case, the user will have the form @onmicrosoft.com. In B2C, these are created as shadow accounts.

    You can't log in with that account in B2C as the user needs to log in via federation.

    They can't reset their password in B2C as they are supposed to reset their password on the federated IDP.
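The distinction drawn in the answer can be checked per user from the `identities` collection that Microsoft Graph returns on a user object. The following is an added example, not code from the question or the answer; the tenant name, the sample users and the `classify` helper are constructed for illustration, and it assumes the user objects were fetched with `identities` selected.

```python
TENANT = "contoso.onmicrosoft.com"  # placeholder tenant name, not from the page

def upn_identity(local_part):
    """Generated UPN entry that B2C user objects carry (constructed helper)."""
    return {"signInType": "userPrincipalName", "issuer": TENANT,
            "issuerAssignedId": f"{local_part}@{TENANT}"}

# Constructed sample users shaped like Microsoft Graph user resources.
USERS = {
    "local": {"identities": [
        {"signInType": "emailAddress", "issuer": TENANT,
         "issuerAssignedId": "customer@example.com"},
        upn_identity("constructed-guid-1")]},
    "shadow": {"identities": [
        {"signInType": "federated", "issuer": "idp.example.net",
         "issuerAssignedId": "constructed-subject-id"},
        upn_identity("constructed-guid-2")]},
    "directory": {"identities": [upn_identity("admin")]},
}

def classify(user):
    """Return (kind, where the password is reset, address to verify or None)."""
    by_type = {i["signInType"]: i for i in user.get("identities", [])}
    if "emailAddress" in by_type:
        # Local account: the sign-in email is what gets verified,
        # not the generated @<tenant>.onmicrosoft.com UPN.
        email = by_type["emailAddress"]["issuerAssignedId"]
        return ("local", "B2C reset password user flow", email)
    if "userName" in by_type:
        # Local account with a username: no sign-in email in identities.
        return ("local-username", "B2C reset password user flow", None)
    if "federated" in by_type:
        # Shadow account: the credential lives at the federated IdP.
        return ("federated", by_type["federated"]["issuer"], None)
    # Only a UPN identity: a directory account, not a customer account.
    return ("directory", "outside the B2C user flow", None)

if __name__ == "__main__":
    for name, user in USERS.items():
        print(name, classify(user))
```
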