About

We have already created custom policies and set up an Azure AD B2C tenant for passwordless authentication. The login flow and tenant configuration are mostly complete, but we are currently stuck at the OTP sending step. We are looking for a technical expert who can provide support on an hourly basis to guide us through resolving this issue and ensure our flow works end-to-end. What we need help with: Troubleshooting and fixing the OTP sending issue and user provisioning in our custom policy. Reviewing our existing custom policies and confirming best practices. Guiding us live (via call/screen share) to resolve the issue. Our current setup: Azure AD B2C tenant with custom policies (IEF) Authorization Code Flow configured Passwordless login flow with email OTP (partially working) Requirements: 1. Implement Authorization Code Flow to protect backend APIs (make APIs private). 2. Create custom policies in Azure AD B2C to support passwordless login. Login Flow: 1. Login page should only ask for email address (no password). 2. After entering the email, in the background check if the user exists in B2C: If new → create the user automatically. If existing → proceed with login. 3. Always send a one-time passcode (OTP) to the email address. 4. User enters OTP on a verification screen along with the resend OTP link. 5. On successful verification, redirect to the provided callback URL with the authorization code.