Hi there is a way to authenticate the user without the interface UI, using only an API?
What I need is: inside my application I want the use to be able to change the passorwd, I know that there is a way using the Graph API,
but for security reasons I want to check the current password.
How can I do that?
Thanks.
Hi @Dervanil-Junior · Thank you for reaching out.
When you use changePassword graph call, current password is checked. Current password is not checked when you use resetPassword graph call. Using below call should be fine in your case.
POST https://graph.microsoft.com/v1.0/me/changePassword
Content-Type: application/json
{
"currentPassword": "Password@1234",
"newPassword": "Password@5678"
}
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
@Dervanil-Junior · All the users have permissions to change their own password, and since we are using me/changePassword, there is no additional permission required as it will be done in currently logged in user's context.
I'm using a Custom Policy (B2C) to authenticate the users and receiving an id_token, with this token there's a way to call this endpoint?
4 people are following this question.
