qrPin: updatePin

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Update the qrPin. Any user can update their own qrPin without belonging to any administrator role.

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

Permission type	Least privileged permissions	Higher privileged permissions
Delegated (work or school account)	Directory.AccessAsUser.All	Not available.
Delegated (personal Microsoft account)	Not supported.	Not supported.
Application	Not supported.	Not supported.

Important

In delegated scenarios with work or school accounts where the signed-in user is acting on another user, they must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

Authentication Administrator
Privileged Authentication Administrator

HTTP request

Update your own QR Code PIN.

Note

Calling the /me endpoint requires a signed-in user and therefore a delegated permission. Application permissions aren't supported when using the /me endpoint.

PATCH /me/authentication/qrCodePinMethod/pin/updatepin

Update another user's QR Code PIN.

Note

When calling the /users/{id} endpoint with {id} representing the signed-in user, the least privileged delegated permissions are UserAuthenticationMethod.Read for read operations and UserAuthenticationMethod.ReadWrite for write operations.

PATCH /users/{usersId}/authentication/qrCodePinMethod/pin/updatepin

Request headers

Name	Description
Authorization	Bearer {token}. Required. Learn more about authentication and authorization.
Content-Type	application/json. Required.

Request body

In the request body, supply a JSON representation of the parameters.

The following table lists the parameters that are required when you call this action.

Parameter	Type	Description
currentPin	String	the code of current qrPin.
newPin	String	the code of new qrPin.

Response

If successful, this action returns a 204 No Content response code.

Examples

Request

The following example shows a request.

HTTP
JavaScript

PATCH https://graph.microsoft.com/beta/me/authentication/qrCodePinMethod/pin/updatePin
Content-Type: application/json

{
  "currentPin": "09599786",
  "newPin": "56745755"
}


const options = {
	authProvider,
};

const client = Client.init(options);

const updatePin = {
  currentPin: '09599786',
  newPin: '56745755'
};

await client.api('/me/authentication/qrCodePinMethod/pin/updatePin')
	.version('beta')
	.update(updatePin);

Important

Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version. For details about accessing the beta API with the SDK, see Use the Microsoft Graph SDKs with the beta API.

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Response

The following example shows the response.

HTTP/1.1 204 No Content

Feedback

Was this page helpful?

Last updated on 2025-08-02

Share via

qrPin: updatePin

Permissions

HTTP request

Request headers

Request body

Response

Examples

Request

Response

Feedback

Additional resources