AD B2C: Any option to Validate current password against the user object

Shailesh Devadiga 41 Reputation points Microsoft Employee
2022-07-15T12:07:32.963+00:00

We wanted to validate the current password of the B2C user through the Graph API.
This API will be called through a B2C user journey.
I could see the option ValidatePassword, but that only validates the password passed against the complexity, not against the individual user credentials.

Microsoft Entra External ID

1 answer

  1. AmanpreetSingh-MSFT 56,216 Reputation points
    2022-07-18T09:43:34+00:00

    Hi @Shailesh Devadiga • Thank you for reaching out.

    As of now Graph API can only validate passwords to check whether the passwords meet the complexity requirements or not. You cannot use Graph API to do the credential validation to determine if the password of the given user is correct or not. For credentials validation, the credentials must be supplied to one of the below endpoints (depending on auth flow used):

    1. Authorization : https://login.microsoftonline.com/tenant_name/oauth2/v2.0/authorize
    2. Token : https://login.microsoftonline.com/tenant_name/oauth2/v2.0/token

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
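
An added example, not part of the original answer or Microsoft's own code: what supplying the credentials to the token endpoint named above can look like, and how to read the reply without mistaking an outage for a wrong password. It assumes the OAuth 2.0 resource owner password credentials grant (the answer names no specific flow) and an app registration permitted to use it; `build_password_grant`, `classify_token_response` and the sample replies are constructed for illustration.

```python
import json
from urllib.parse import urlencode

# Token endpoint from the answer; "tenant_name" stays a placeholder.
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"

def build_password_grant(tenant, client_id, username, password, scope="openid"):
    """Return (url, headers, body) for the token request.

    Assumption: password grant (RFC 6749, section 4.3). The password goes
    only in the POST body over TLS; never put it in a URL or a log line.
    """
    body = urlencode({
        "grant_type": "password",
        "client_id": client_id,      # hypothetical app registration id
        "scope": scope,
        "username": username,
        "password": password,        # urlencode escapes &, +, spaces, etc.
    })
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return TOKEN_URL.format(tenant=tenant), headers, body

def classify_token_response(status, raw_body):
    """Map a token-endpoint reply to 'valid', 'rejected' or 'indeterminate'."""
    try:
        doc = json.loads(raw_body)
    except ValueError:
        return "indeterminate"       # proxy error page, truncated reply
    if not isinstance(doc, dict):
        return "indeterminate"
    if status == 200 and ("access_token" in doc or "id_token" in doc):
        return "valid"
    if status == 400 and doc.get("error") == "invalid_grant":
        return "rejected"            # supplied credentials were not accepted
    # Throttling, client misconfiguration or an outage says nothing about
    # the password, so the caller must not report "wrong password" here.
    return "indeterminate"

# Constructed sample replies (not captured from a real tenant).
SAMPLE_OK = '{"token_type": "Bearer", "expires_in": 3600, "access_token": "x.y.z"}'
SAMPLE_BAD = '{"error": "invalid_grant", "error_description": "constructed"}'
SAMPLE_CLIENT = '{"error": "unauthorized_client", "error_description": "constructed"}'
```

In a user journey, only a `valid` result should let the step proceed; `indeterminate` should surface as a retryable error rather than a failed password check.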