Create User Password Requires Capital Letters

Tarkowski, Michael (M.) 61 Reputation points
2023-01-18T11:28:11.51+00:00

We are using the below curl information to create users in Azure AD B2C and it works good.

Issue - the password requires capital letters when creating a new user or it will fail.

Question - what do we have to change so that we are not required to use capital letters in the password when creating a user in Azure Ad B2C using Microsoft graph?

curl --location --request POST 'https://graph.microsoft.com/v1.0/users' \
--header 'Content-Type: application/json' \
--header 'Authorization: eyJ0eXAiOi...' \
--data-raw '{
    "accountEnabled": true,
    "displayName": "YOUR_EMAIL",
    "surname": "YOUR_FIRST_NAME",
    "givenName": "YOUR_LAST_NAME",
    "userPrincipalName": "ANY_UNIQUE_TEMP_VALUE@YOUR_AZURE_TENANT.onmicrosoft.com",
    "otherMails": [
        "YOUR_EMAIL"
    ],
    "identities": [
        {
            "signInType": "emailAddress OR userName",
            "issuer": "YOUR_AZURE_TENANT.onmicrosoft.com",
            "issuerAssignedId": "YOUR_EMAIL_OR_USERNAME"
        },
        {
            "signInType": "userPrincipalName",
            "issuer": "YOUR_AZURE_TENANT.onmicrosoft.com",
            "issuerAssignedId": "ANY_UNIQUE_TEMP_VALUE@YOUR_AZURE_TENANT.onmicrosoft.com"
        }
    ],
    "passwordProfile": {
        "password": "YOUR_PASSWORD",
        "forceChangePasswordNextSignIn": false
    }
}'
Microsoft Graph Azure AD API
Microsoft Graph Azure AD API
A Microsoft API that queries the user's profile, finds other users, manages organizational relationships, tracks assignments, or creates original solutions that incorporate existing organizational data.
189 questions
No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Silvia Wibowo 156 Reputation points Microsoft Employee
    2023-01-19T03:26:31.68+00:00

    Hi Michael, you need to change the configuration for password complexity of your Azure B2C User Flow. Follow these steps: Azure B2C Configure Password Complexity.

    Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

    No comments

  2. Tarkowski, Michael (M.) 61 Reputation points
    2023-01-19T17:26:59.24+00:00

    Thank you for your response. What is confusing to me is, we have 1 graph create api and many user flows. How does the password constraint in a user flow impact what you can do with graph create api?

    Say we have multiple user flows and each has a different Password complexity in the same B2C tenant. Since the graph API create request is before the user flows, and the graph API create request does not refer to a specific user flow, how does the graph API create request know which constrains/rules to apply to the password?

    No comments

  3. Tarkowski, Michael (M.) 61 Reputation points
    2023-01-20T12:44:46.2266667+00:00

    Thank you for your response. Your solution does solve the above mentioned issue.

    Is there any way we can redefine the MS graph create API password default policy (ex. regex) for our Azure tenant?

    Or can we pass a custom (ex. 2 upper case, 2 lower case, 0-9 etc.) passwordPolicy into the MS graph create API request?

    No comments

  4. Silvia Wibowo 156 Reputation points Microsoft Employee
    2023-01-25T03:17:49.1266667+00:00

    Hi Michael, in that case, would it be possible to add passwordPolicies into your Graph API create request:

    "passwordPolicies": "DisablePasswordExpiration, DisableStrongPassword"

    References:

    No comments

  5. Silvia Wibowo 156 Reputation points Microsoft Employee
    2023-01-25T04:35:56.6+00:00

    Hi Michael, MS Graph supports passwordPolicies on 2 values: default (strong password) or DisablePasswordPolicies (simple password). Custom password policies is supported on User flow or Custom policy, as described in this step-by-step guide.

    No comments