Create User Password Requires Capital Letters

Tarkowski, Michael (M.) 156 Reputation points
2023-01-18T11:28:11.51+00:00

We are using the below curl information to create users in Azure AD B2C and it works good.

Issue - the password requires capital letters when creating a new user or it will fail.

Question - what do we have to change so that we are not required to use capital letters in the password when creating a user in Azure Ad B2C using Microsoft graph?

curl --location --request POST 'https://graph.microsoft.com/v1.0/users' \
--header 'Content-Type: application/json' \
--header 'Authorization: eyJ0eXAiOi...' \
--data-raw '{
    "accountEnabled": true,
    "displayName": "YOUR_EMAIL",
    "surname": "YOUR_FIRST_NAME",
    "givenName": "YOUR_LAST_NAME",
    "userPrincipalName": "ANY_UNIQUE_TEMP_VALUE@YOUR_AZURE_TENANT.onmicrosoft.com",
    "otherMails": [
        "YOUR_EMAIL"
    ],
    "identities": [
        {
            "signInType": "emailAddress OR userName",
            "issuer": "YOUR_AZURE_TENANT.onmicrosoft.com",
            "issuerAssignedId": "YOUR_EMAIL_OR_USERNAME"
        },
        {
            "signInType": "userPrincipalName",
            "issuer": "YOUR_AZURE_TENANT.onmicrosoft.com",
            "issuerAssignedId": "ANY_UNIQUE_TEMP_VALUE@YOUR_AZURE_TENANT.onmicrosoft.com"
        }
    ],
    "passwordProfile": {
        "password": "YOUR_PASSWORD",
        "forceChangePasswordNextSignIn": false
    }
}'
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,577 questions
0 comments

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Silvia Wibowo 2,851 Reputation points Microsoft Employee
    2023-01-19T03:26:31.68+00:00

    Hi Michael, you need to change the configuration for password complexity of your Azure B2C User Flow. Follow these steps: Azure B2C Configure Password Complexity.

    Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

  2. Tarkowski, Michael (M.) 156 Reputation points
    2023-01-19T17:26:59.24+00:00

    Thank you for your response. What is confusing to me is, we have 1 graph create api and many user flows. How does the password constraint in a user flow impact what you can do with graph create api?

    Say we have multiple user flows and each has a different Password complexity in the same B2C tenant. Since the graph API create request is before the user flows, and the graph API create request does not refer to a specific user flow, how does the graph API create request know which constrains/rules to apply to the password?

    0 comments
  3. Tarkowski, Michael (M.) 156 Reputation points
    2023-01-20T12:44:46.2266667+00:00

    Thank you for your response. Your solution does solve the above mentioned issue.

    Is there any way we can redefine the MS graph create API password default policy (ex. regex) for our Azure tenant?

    Or can we pass a custom (ex. 2 upper case, 2 lower case, 0-9 etc.) passwordPolicy into the MS graph create API request?

    0 comments
  4. Silvia Wibowo 2,851 Reputation points Microsoft Employee
    2023-01-25T03:17:49.1266667+00:00

    Hi Michael, in that case, would it be possible to add passwordPolicies into your Graph API create request:

    "passwordPolicies": "DisablePasswordExpiration, DisableStrongPassword"

    References:

    0 comments
  5. Silvia Wibowo 2,851 Reputation points Microsoft Employee
    2023-01-25T04:35:56.6+00:00

    Hi Michael, MS Graph supports passwordPolicies on 2 values: default (strong password) or DisablePasswordPolicies (simple password). Custom password policies is supported on User flow or Custom policy, as described in this step-by-step guide.

    0 comments