Stop user from being able to change password to the current one again using Graph API

Manu 41 Reputation points

I am creating a power automate flow to be used by Power Virtual Agent Bot which will assist user in changing their passwords.
"passwordProfile": {
"password": "Test12345678",
"forceChangePasswordNextSignIn": false
However, I noticed that user is able to change password to the current password again.
That means even with password change policy, user can forever keep the same password.

Any ways to overcome this limitation?

Microsoft Graph Directory Management API
Microsoft Graph Users API
Microsoft Graph Users API
A Microsoft API that allows you to build compelling app experiences based on users, their relationships with other users and groups, and the resources they access for example their mails, calendars, files, administrative roles, group memberships.
551 questions
Microsoft Graph Identity API
Microsoft Graph Identity API
A Microsoft API to access Azure Active Directory (Azure AD) resources to enable scenarios like managing administrator (directory) roles, inviting external users to an organization, and, if you are a Cloud Solution Provider (CSP), managing your customer's data.
257 questions
Microsoft Graph Applications API
Microsoft Graph Applications API
A Microsoft API that enables you to manage these resources and actions related to applications in Azure Active Directory.
432 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. SrinivasaRaoDarna - MSFT 6,241 Reputation points Microsoft Employee

    Hi @Manu ,

    AAD password policies enable users to use the same password, the last password can be used again when the user resets a forgotten password.
    Refer to Azure AD password policies.

    Hope this helps.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have further questions about this answer, please click "Comment".