I have a unique requirement to update the user passwords using Graph API. But, I have been getting Authorization_RequestDenied error.
{"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation.","innerError":{"date":"2022-10-06T22:45:14","request-id":"","client-request-id":""}}}
Below is my code:
public async Task UpdatePassword()
{
Microsoft.Identity.Client.IConfidentialClientApplication confidentialClientApplication = Microsoft.Identity.Client.ConfidentialClientApplicationBuilder
.Create("ClientId")
.WithClientSecret("ClientSecret")
.WithTenantId("TenantId")
.Build();
Microsoft.Graph.Auth.ClientCredentialProvider authProvider = new Microsoft.Graph.Auth.ClientCredentialProvider(confidentialClientApplication);
Microsoft.Graph.GraphServiceClient graphClient = new Microsoft.Graph.GraphServiceClient(authProvider);
var newPassword = "NewComplexP@ss";
var user = new Microsoft.Graph.User
{
PasswordProfile = new Microsoft.Graph.PasswordProfile
{
Password = newPassword,
ForceChangePasswordNextSignIn = false
}
};
await graphClient
.Users["a4e3f2ce-054e-43e4-bbfd-547c44582a7"]
.Request()
.UpdateAsync(user);
}
I have permissions added like below in Azure AdB2c.
My question: despite adding all the permissions and using correct code(I assume) I am getting Authorization_RequestDenied error.
Am I missing anything? I highly appreciate any help.