How to reset password of user in Azure AD B2C via Graph API?






How to reset the password of a user using the Microsoft Graph API?
Is there a way to do it? If yes, I am not able to find a way to do it.

Please let me know how this can be achieved.
Thanks!




2 Answers



You can reset a user's password by PATCHing the user object:

    PATCH https://graph.windows.net/myorganization/users/{user_id}?api-version=1.6

    {
      "passwordProfile": {
        "password": "{password}",
        "forceChangePasswordNextLogin": false
      },
      "passwordPolicies": "DisablePasswordExpiration"
    }



For more information, see Reset a user's password.
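The following is an added example, not part of the answer above: a small Python client that builds and sends the same PATCH against the Azure AD Graph endpoint and API version shown in the answer. The tenant name `myorganization`, the bearer token, the user id and the `send` transport are assumptions for illustration; it uses only the standard library, generates a random temporary password with `secrets` instead of embedding one, defaults to forcing a password change at next sign-in, and treats HTTP 403 as the "application lacks the required privilege" case.

```python
import json
import secrets
import string
import urllib.error
import urllib.request

# Endpoint and API version as given in the answer above.
GRAPH_BASE = "https://graph.windows.net"
API_VERSION = "1.6"
SYMBOLS = "!@#$%^&*"


def generate_temporary_password(length=16):
    """Random temporary password with at least one lower, upper, digit and symbol.

    The user is forced to replace it at next sign-in, so it never needs to be
    memorable, only unguessable. (Added helper, not from the original post.)
    """
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        pwd = "".join(secrets.choice(alphabet) for _ in range(length))
        if (any(c.islower() for c in pwd) and any(c.isupper() for c in pwd)
                and any(c.isdigit() for c in pwd) and any(c in SYMBOLS for c in pwd)):
            return pwd


def build_reset_request(tenant, user_id, new_password, access_token,
                        force_change=True, disable_expiration=False):
    """Return the PATCH request (method, url, headers, body) for a password reset.

    tenant and user_id are assumed values; the token is whatever the caller
    obtained for the app with the privilege to reset passwords.
    """
    url = f"{GRAPH_BASE}/{tenant}/users/{user_id}?api-version={API_VERSION}"
    body = {
        "passwordProfile": {
            "password": new_password,
            "forceChangePasswordNextLogin": force_change,
        }
    }
    # Only add the policy when explicitly asked; keeping expiration is the safer default.
    if disable_expiration:
        body["passwordPolicies"] = "DisablePasswordExpiration"
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json",
    }
    return {"method": "PATCH", "url": url, "headers": headers, "body": body}


def send(request, opener=None):
    """Send the built request; returns the HTTP status (204 on success).

    A 403 means the calling app has not been granted a role or permission that
    allows resetting other users' passwords. `opener` is injectable so the
    function can be exercised without network access.
    """
    data = json.dumps(request["body"]).encode("utf-8")
    req = urllib.request.Request(
        request["url"], data=data, headers=request["headers"], method=request["method"]
    )
    opener = opener or urllib.request.build_opener()
    try:
        with opener.open(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:
        if exc.code == 403:
            raise PermissionError(
                "application lacks the privilege to reset passwords (HTTP 403)"
            ) from exc
        raise


if __name__ == "__main__":
    # Constructed values for illustration only.
    temp_pwd = generate_temporary_password()
    req = build_reset_request("myorganization", "00000000-0000-0000-0000-000000000000",
                              temp_pwd, "<access token>")
    print(req["method"], req["url"])
    print(json.dumps(req["body"], indent=2))
```

Callers should obtain the access token through a client-credentials flow for the app that holds the reset privilege and never log the request body, since it carries the new password in clear text.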





Can we do this using the client SDK (C#) of Microsoft Graph? I think the example that you have shared above is the Microsoft AD Graph API.
– prateek
Jun 12 at 10:33





As described by Azure AD B2C: Use the Azure AD Graph API, it is recommended that you use the Azure AD Graph API for managing users, including resetting a user's password.
– Chris Padgett
Jun 12 at 10:40



The approach suggested by Chris is the recommended one.
As I wrote in this post (permissionissue), you should also take care of proper permission configuration, as you can change the password from your application only if you give it the right privilege.



In the Reset Password flow, it is not possible to impersonate the user, because you don't have the user's credentials, so you should grant admin privileges to the application that makes the call for other users. This implies you must trust the application's code and use it carefully.



I used to grant the Helpdesk Administrator role to my app, which is enough to change the password of other users, through this PowerShell script:


    # Install the MSOnline and AzureAD modules and sign in to both with an admin account
    Install-Module MSOnline
    Install-Module AzureAD
    Connect-MsolService
    Connect-AzureAD

    # Look up the service principal of your application by its application (client) ID
    $applicationId = "{your app ID}"
    $sp = Get-MsolServicePrincipal -AppPrincipalId $applicationId

    # Add that service principal as a member of the directory role (e.g. Helpdesk Administrator)
    Add-MsolRoleMember -RoleObjectId <your Role ID> -RoleMemberObjectId $sp.ObjectId -RoleMemberType servicePrincipal



You should run this script as a user with Administrator privileges on your Azure Active Directory.
You can get the proper role ID using this command:


    Get-AzureADDirectoryRole



Now your app has enough privileges to call the PATCH method to change the password for other users.





While this link may answer the question, it is better to include the essential parts of the answer here and provide the link for reference. Link-only answers can become invalid if the linked page changes. - From Review
– Umair
18 hours ago





