Error while password reset in Azure Directory.

Question

Error while password reset in Azure Directory.

Risa Shereen 71

Hi Team,

I was doing password reset in AD referring the doc-(https://learn.microsoft.com/en-us/graph/api/passwordauthenticationmethod-resetpassword?view=graph-rest-beta&tabs=http) but when we use the post request for the password reset(POST /users/{id | userPrincipalName}/authentication/passwordMethods/{id}/resetPassword) ,we are getting accessDenied error. (Attaching the screenshot of the error )
We have given the api permissions as User.Read , UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All. Can you please look into the issue.

ShivaniRai-MSFT-7217 2,751 Reputation points

2022-07-08T12:05:35.223+00:00

Hi @Risa Shereen ,

Could you please verify that you have one of these roles: Global administrator, Privileged authentication administrator, Authentication administrator
Risa Shereen 71 Reputation points

2022-07-11T11:41:50.13+00:00

Hi Shivani,

I checked Azure AD roles assigned to me and could find that I am assigned Global Administrator role. The error still occurs while doing password reset.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Risa Shereen 71 Reputation points

2022-08-09T13:10:07.67+00:00

Hi @Kashton7468 ,

My problem was resolved . The issue happened for me because of the authentication method that I used. We have to use user authentication for Password reset. Please refer the below link for the steps for user authentication (https://learn.microsoft.com/en-us/answers/questions/935674/user-authentication-in-token-generation.html).

1 answer

Your answer

ShivaniRai-MSFT-7217 2,751 Reputation points

2022-07-08T12:05:35.223+00:00

Hi @Risa Shereen ,

Could you please verify that you have one of these roles: Global administrator, Privileged authentication administrator, Authentication administrator
Risa Shereen 71 Reputation points

2022-07-11T11:41:50.13+00:00

Hi Shivani,

I checked Azure AD roles assigned to me and could find that I am assigned Global Administrator role. The error still occurs while doing password reset.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Risa Shereen 71 Reputation points

2022-08-09T13:10:07.67+00:00

Hi @Kashton7468 ,

My problem was resolved . The issue happened for me because of the authentication method that I used. We have to use user authentication for Password reset. Please refer the below link for the steps for user authentication (https://learn.microsoft.com/en-us/answers/questions/935674/user-authentication-in-token-generation.html).

Answer 1

Hi,

You have not clarified if the user you are trying to reset is your own account or other account? Please check the pre-requisites for resetting the password and you should have one of these permissions.

Permission type Permissions (from least to most privileged)
Delegated (work or school account) UserAuthenticationMethod.ReadWrite.All
Delegated (personal Microsoft account) Not supported.
Application Not supported.

To eliminate your account permisson issue please assign following roles to your account.
Global administrator
Privileged authentication administrator
Authentication administrator

If this answer helped you please mark it as "Verified" so other users can reference it.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Share via

Error while password reset in Azure Directory.

1 answer

Your answer