Reset a user's password without Directory.AccessAsUser.All permission in ADB2C using MS Graph API

1
votes

Previously, I was able to reset a user's password by using the following steps:

  1. Get an access token with an administrator's credentials and setting the scope to Directory.AccessAsUser.All from https://login.microsoftonline.com/{{tenant_id}}/oauth2/v2.0/token
  2. Pass the new password in a passwordProfile object and hit the https://graph.microsoft.com/v1.0/users/{{oid}} using the access token retrieved from the first step.

But now, I cannot find Directory.AccessAsUser.All under Delegated API Permissions. delegated permissions

enter image description here

enter image description here

How can I change a user's password without it?

2
azureazure-active-directorymicrosoft-graph-apiazure-ad-b2c
Scroll down to the "Directory" entry and click on the arrowHong Ooi
@HongOoi there is nothing such as "Directory" in my view. I updated the question with a few more screenshots.John Smith

2 Answers

1
votes

When you create the application registration, choose the first option - accounts in this organisational directory. You won’t use this app for B2C user flows, only for your admin AAD account, hence you choose the first option.

0
votes

Just search "Directory.AccessAsUser.All" for it.

enter image description here