SALES: 1-800-867-1380

Reset User's Password

Updated: February 23, 2015

This topic shows how to reset (update) the password for a specified user in the directory.

The request may be constructed as follows. Replace mytenantdomain with the domain of your Azure Active Directory tenant, such as contoso.onmicrosoft.com. The api-version query string parameter is required. The examples in this topic use the tenant domain to address the tenant. For other ways of addressing the tenant, see Addressing Entities and Operations in the Graph API.

 

HTTP Method Request URI HTTP Version

PATCH

https://graph.windows.net/mytenantdomain/users/<objectId>?api-version=2013-04-05

- or -

https://graph.windows.net/mytenantdomain/users/<userPrincipalName>?api-version=2013-04-05

HTTP 1.1

 

Request Header Description

Authorization

Required. A bearer token issued by Azure Active Directory. See Authentication Scenarios for Azure AD for more information.

Content-Type

Required. The media type of the content in the request body.

Content-Length

Required. The length of the request in bytes.

The passwordProfile property for the User. The value should be a valid PasswordProfile object that contains a password that satisfies the tenant’s password complexity policy. The password policy typically imposes constraints on the complexity, length, and re-use of a password. For more information see the PasswordProfile topic.

The following sample request resets the password of the user Alex@contoso.onmicrosoft.com.

PATCH https://graph.windows.net/contoso.onmicrosoft.com/users/Alex@contoso.onmicrosoft.com?api-version=2013-04-05 HTTP/1.1
Authorization: Bearer eyJ0eX ... FWSXfwtQ
Content-Type: application/json
Host: graph.windows.net
Content-Length: 138

{
      "passwordProfile":
      {
            "password":"Test123456",
            "forceChangePasswordNextLogin":false
      }
}

A successful operation returns status code 204 No Content.

 

Response Header Description

Location

The URI of the created User, which includes an Object Id.

ocp-aad-diagnostics-server-name

The identifier for the server that performed the requested operation.

ocp-aad-session-key

The key that identifies the current session with the directory service.

The following sample response is received when the sample request above is sent.

HTTP/1.1 204 No Content
Cache-Control: no-cache
Content-Length: 0
Server: Microsoft-IIS/7.5
ocp-aad-diagnostics-server-name: wByDmqOAuV8t6pYQ6JlEvztwcfHFDpgbEASm4svTq80=
request-id: 499138bf-ab25-4abc-8bfb-30cd0298b32b
client-request-id: 20183a89-7e37-4d8f-946e-5c5d7deb4b11
x-ms-dirapi-data-contract-version: 1.0
ocp-aad-session-key: 9_I4PZPEZp1x6qnR_TYWfGFf3a48nrtJ4PYTh_2l57_dCI_xscP2emebW3fOqjXC_j9RjjCOi7W0YhM4ELIyyypRB0tnbL19pXGF6Lbti88.8IWL2Z_Z1eKmpK19IiH5slRc2ueqIXjpwYwbE3GsmiI
X-Content-Type-Options: nosniff
DataServiceVersion: 1.0;
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/2.5
X-Powered-By: ASP.NET
Date: Thu, 28 Mar 2013 00:48:02 GMT

See Also

Concepts

User

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2015 Microsoft