Reset-MgUserAuthenticationMethodPassword
Reset a user's password, represented by a password authentication method object. This can only be done by an administrator with appropriate permissions and can't be performed on a user's own account. To reset a user's password in Azure AD B2C, use the Update user API operation and update the passwordProfile > forceChangePasswordNextSignIn object. This flow writes the new password to Microsoft Entra ID and pushes it to on-premises Active Directory if configured using password writeback. The admin can either provide a new password or have the system generate one. The user is prompted to change their password on their next sign in. This reset is a long-running operation and returns a Location header with a link where the caller can periodically check for the status of the reset operation.
Note
To view the beta release of this cmdlet, view Reset-MgBetaUserAuthenticationMethodPassword
Reset-MgUserAuthenticationMethodPassword
-AuthenticationMethodId <String>
-UserId <String>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-NewPassword <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Reset-MgUserAuthenticationMethodPassword
-AuthenticationMethodId <String>
-UserId <String>
-BodyParameter <IPaths1KjcdupUsersUserIdAuthenticationMethodsAuthenticationmethodIdMicrosoftGraphResetpasswordPostRequestbodyContentApplicationJsonSchema>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Reset-MgUserAuthenticationMethodPassword
-InputObject <IIdentitySignInsIdentity>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-NewPassword <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Reset-MgUserAuthenticationMethodPassword
-InputObject <IIdentitySignInsIdentity>
-BodyParameter <IPaths1KjcdupUsersUserIdAuthenticationMethodsAuthenticationmethodIdMicrosoftGraphResetpasswordPostRequestbodyContentApplicationJsonSchema>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Reset a user's password, represented by a password authentication method object. This can only be done by an administrator with appropriate permissions and can't be performed on a user's own account. To reset a user's password in Azure AD B2C, use the Update user API operation and update the passwordProfile > forceChangePasswordNextSignIn object. This flow writes the new password to Microsoft Entra ID and pushes it to on-premises Active Directory if configured using password writeback. The admin can either provide a new password or have the system generate one. The user is prompted to change their password on their next sign in. This reset is a long-running operation and returns a Location header with a link where the caller can periodically check for the status of the reset operation.
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
newPassword = "Cuyo5459"
}
Reset-MgUserAuthenticationMethodPassword -UserId $userId -AuthenticationMethodId $authenticationMethodId -BodyParameter $paramsThis example will user-submitted password
Import-Module Microsoft.Graph.Identity.SignIns
$params = @{
}
Reset-MgUserAuthenticationMethodPassword -UserId $userId -AuthenticationMethodId $authenticationMethodId -BodyParameter $paramsThis example will system-generated password
Additional Parameters
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
The unique identifier of authenticationMethod
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
| Type: | IPaths1KjcdupUsersUserIdAuthenticationMethodsAuthenticationmethodIdMicrosoftGraphResetpasswordPostRequestbodyContentApplicationJsonSchema |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Optional headers that will be added to the request.
| Type: | IDictionary |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
| Type: | IIdentitySignInsIdentity |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
{{ Fill ProgressAction Description }}
| Type: | ActionPreference |
| Aliases: | proga |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Optional Response Headers Variable.
| Type: | String |
| Aliases: | RHV |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
The unique identifier of user
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Microsoft.Graph.PowerShell.Models.IIdentitySignInsIdentity
Microsoft.Graph.PowerShell.Models.IPaths1KjcdupUsersUserIdAuthenticationMethodsAuthenticationmethodIdMicrosoftGraphResetpasswordPostRequestbodyContentApplicationJsonSchema
System.Collections.IDictionary
System.String
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IPaths1KjcdupUsersUserIdAuthenticationMethodsAuthenticationmethodIdMicrosoftGraphResetpasswordPostRequestbodyContentApplicationJsonSchema>: .
[(Any) <Object>]: This indicates any property can be added to this object.[NewPassword <String>]:
INPUTOBJECT <IIdentitySignInsIdentity>: Identity Parameter
[ActivityBasedTimeoutPolicyId <String>]: The unique identifier of activityBasedTimeoutPolicy[AppManagementPolicyId <String>]: The unique identifier of appManagementPolicy[AuthenticationCombinationConfigurationId <String>]: The unique identifier of authenticationCombinationConfiguration[AuthenticationConditionApplicationAppId <String>]: The unique identifier of authenticationConditionApplication[AuthenticationContextClassReferenceId <String>]: The unique identifier of authenticationContextClassReference[AuthenticationEventListenerId <String>]: The unique identifier of authenticationEventListener[AuthenticationEventsFlowId <String>]: The unique identifier of authenticationEventsFlow[AuthenticationMethodConfigurationId <String>]: The unique identifier of authenticationMethodConfiguration[AuthenticationMethodId <String>]: The unique identifier of authenticationMethod[AuthenticationMethodModeDetailId <String>]: The unique identifier of authenticationMethodModeDetail[AuthenticationStrengthPolicyId <String>]: The unique identifier of authenticationStrengthPolicy[B2XIdentityUserFlowId <String>]: The unique identifier of b2xIdentityUserFlow[BitlockerRecoveryKeyId <String>]: The unique identifier of bitlockerRecoveryKey[CertificateBasedAuthConfigurationId <String>]: The unique identifier of certificateBasedAuthConfiguration[ClaimsMappingPolicyId <String>]: The unique identifier of claimsMappingPolicy[ConditionalAccessPolicyId <String>]: The unique identifier of conditionalAccessPolicy[ConditionalAccessTemplateId <String>]: The unique identifier of conditionalAccessTemplate[CrossTenantAccessPolicyConfigurationPartnerTenantId <String>]: The unique identifier of crossTenantAccessPolicyConfigurationPartner[CustomAuthenticationExtensionId <String>]: The unique identifier of customAuthenticationExtension[DataPolicyOperationId <String>]: The unique identifier of dataPolicyOperation[DirectoryObjectId <String>]: The unique identifier of directoryObject[EmailAuthenticationMethodId <String>]: The unique identifier of emailAuthenticationMethod[FeatureRolloutPolicyId <String>]: The unique identifier of featureRolloutPolicy[Fido2AuthenticationMethodId <String>]: The unique identifier of fido2AuthenticationMethod[HomeRealmDiscoveryPolicyId <String>]: The unique identifier of homeRealmDiscoveryPolicy[IdentityApiConnectorId <String>]: The unique identifier of identityApiConnector[IdentityProviderBaseId <String>]: The unique identifier of identityProviderBase[IdentityProviderId <String>]: The unique identifier of identityProvider[IdentityUserFlowAttributeAssignmentId <String>]: The unique identifier of identityUserFlowAttributeAssignment[IdentityUserFlowAttributeId <String>]: The unique identifier of identityUserFlowAttribute[LongRunningOperationId <String>]: The unique identifier of longRunningOperation[MicrosoftAuthenticatorAuthenticationMethodId <String>]: The unique identifier of microsoftAuthenticatorAuthenticationMethod[MultiTenantOrganizationMemberId <String>]: The unique identifier of multiTenantOrganizationMember[NamedLocationId <String>]: The unique identifier of namedLocation[OAuth2PermissionGrantId <String>]: The unique identifier of oAuth2PermissionGrant[OrganizationId <String>]: The unique identifier of organization[PasswordAuthenticationMethodId <String>]: The unique identifier of passwordAuthenticationMethod[PermissionGrantConditionSetId <String>]: The unique identifier of permissionGrantConditionSet[PermissionGrantPolicyId <String>]: The unique identifier of permissionGrantPolicy[PhoneAuthenticationMethodId <String>]: The unique identifier of phoneAuthenticationMethod[RiskDetectionId <String>]: The unique identifier of riskDetection[RiskyServicePrincipalHistoryItemId <String>]: The unique identifier of riskyServicePrincipalHistoryItem[RiskyServicePrincipalId <String>]: The unique identifier of riskyServicePrincipal[RiskyUserHistoryItemId <String>]: The unique identifier of riskyUserHistoryItem[RiskyUserId <String>]: The unique identifier of riskyUser[ServicePrincipalRiskDetectionId <String>]: The unique identifier of servicePrincipalRiskDetection[SoftwareOathAuthenticationMethodId <String>]: The unique identifier of softwareOathAuthenticationMethod[TemporaryAccessPassAuthenticationMethodId <String>]: The unique identifier of temporaryAccessPassAuthenticationMethod[ThreatAssessmentRequestId <String>]: The unique identifier of threatAssessmentRequest[ThreatAssessmentResultId <String>]: The unique identifier of threatAssessmentResult[TokenIssuancePolicyId <String>]: The unique identifier of tokenIssuancePolicy[TokenLifetimePolicyId <String>]: The unique identifier of tokenLifetimePolicy[UnifiedRoleManagementPolicyAssignmentId <String>]: The unique identifier of unifiedRoleManagementPolicyAssignment[UnifiedRoleManagementPolicyId <String>]: The unique identifier of unifiedRoleManagementPolicy[UnifiedRoleManagementPolicyRuleId <String>]: The unique identifier of unifiedRoleManagementPolicyRule[UserFlowLanguageConfigurationId <String>]: The unique identifier of userFlowLanguageConfiguration[UserFlowLanguagePageId <String>]: The unique identifier of userFlowLanguagePage[UserId <String>]: The unique identifier of user[WindowsHelloForBusinessAuthenticationMethodId <String>]: The unique identifier of windowsHelloForBusinessAuthenticationMethod