If modifying the password for a user in the application-only context, the calling app must be assigned the User.ReadWrite.All
application permission and at least the User Administrator Azure AD role.
Sign in to Azure AD as a global administrator>Roles and administrators> find User Administrator >Add assignments> enter your application ID to search and add.
using Azure.Identity;
using Microsoft.Graph;
var scopes = new[] { "https://graph.microsoft.com/.default" };
var tenantId = "{tenant id}";
// Values from app registration
var clientId = "{client id}";
var clientSecret = "{client secret}";
// using Azure.Identity;
var options = new TokenCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
};
// https://learn.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
var clientSecretCredential = new ClientSecretCredential(
tenantId, clientId, clientSecret, options);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
var user = new User
{
PasswordProfile = new PasswordProfile
{
ForceChangePasswordNextSignIn = false,
Password = "xxxxxxxxxxxxx"
}
};
await graphClient.Users["{user id}"]
.Request()
.UpdateAsync(user);
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.