![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 9%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
HI @hany · Thank you for reaching out.
If you are using application context to perform this action, make sure the application is assigned with User Administrator role (Azure AD > Roles and Administrators > User Administrator). If you are trying to reset the password of Global Admin of your tenant, you need to assign the application with the Global Administrator role because User Administrator can only reset password for limited administrators and not Global Administrators.
Once the Role is assigned to the application, acquire a new token under application context and make below call with the token in Authorization header:
Call
PATCH https://graph.microsoft.com/v1.0/users/USERNAME@YOUR_TENANT.onmicrosoft.com
Body:
{
"passwordProfile": {
"forceChangePasswordNextSignIn": true,
"password": "P@$$w0rd3333"
}
}
If you still get the same error, please try after few minutes as it might take some time for the changes to take effect.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.