Share via

How to use authenticationMethod: resetPassword GraphAPI without always having to change password on first login?

Satish Penta 20 Reputation points
2023-08-22T14:26:42.2866667+00:00
  • authenticationMethod: resetPassword

Reset user's password successfully works every single time we try to reset without passing the "requireChangeOnNextSignIn" flag, but if we try using it with 'false' value, we get the following error stating that flag being not available.

{"error":{"code":"InvalidAuthenticationToken","message":"Access token is empty.","innerError":{"date":"2023-08-22T13:58:33","request-id":"e46db453-484a-4c6e-be9e-634f3f8dad3f","client-request-id":"e46db453-484a-4c6e-be9e-634f3f8dad3f"}}}

If we try to pass the same parameter with 'true' value, it gets accepted. But this is the same behavior as not sending the parameter at all and it is not useful to our project development.

Is there any alternative way to achieve this requirement as our business demands to change the password permanently rather than having to change the password?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,903 questions
0 comments
Accepted answer
  1. Akshay-MSFT 17,871 Reputation points Microsoft Employee
    2023-08-23T09:45:04.8666667+00:00

    @Satish Penta

    Thank you for posting your query on Microsoft Q&A. From above description I could understand that you are looking for a way to Reset user password without prompting them to change it on next logon.

    Please do let me know if this is not the case.

    The failure when setting the requireChangeOnNextSignIn parameter to false is expected, since this flag was added for legacy Office scenarios.

    As per current design of authenticationMethod: resetPassword

    This flow writes the new password to Azure Active Directory and pushes it to on-premises Active Directory if configured using password writeback. The admin can either provide a new password or have the system generate one. The user is prompted to change their password on their next sign in.

    However if considering your business justification I would recommend you to post your requirement on our feedback portal. Let me know once posted so that I could vote for it. This portal is monitored by our dev team and based upon the possibility and business requirement the ideas are accepted.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.