I'm trying to reset user password using graph rest API with a client ID.I have created application with UserAuthenticationMethod.ReadWrite.All and added the application to the user administrator as well. When call the request using Postman I am getting following error. What casuing this problem. I am passing OAuth token for client as well in the headers.
I'm using this end point.
https://graph.microsoft.com/v1.0/users('[email protected]')/authentication/methods/{clientid}/resetPassword
I have given following permissions to the application.
Initially, I registered one Entra ID application and granted API permissions as below:
Added the above application to User Administrator directory role like this:
Now, I generated OAuth token using client credentials flow via Postman with below parameters:
POST https://login.microsoftonline.com/tenantId/oauth2/v2.0/token
scope: https://graph.microsoft.com/.default
When I used this token to reset user's password by calling below API, I too got same error:
POST https://graph.microsoft.com/v1.0/users/userID/authentication/methods/methodId/resetPassword
"newPassword": "xxxxxxx"
The error occurred as resetting user's password operation does not support
permissions as mentioned in this MS Doc.
Alternatively, you can make use of Update user API call to reset user's password by updating passwordProfile
property like this:
PATCH https://graph.microsoft.com/v1.0/users/{id}
"passwordProfile": {
"forceChangePasswordNextSignIn": false,
"password": "xxxxxxxx"
Reference: Update user - Microsoft Graph v1.0