MS Graph API | Resource not found and Inssufiecient Priveleges

Abhay Chandramouli 966 Reputation points
2022-05-09T09:31:44.64+00:00

Hi,
I have developed a login method using Azure AD B2C. I have registered 2 applications, the IdentityFramework and the ProxyFramework. I have created userflows using custom policies and have created multiple users using which I can login.

Now I am trying to update the users password using MS Graph API. I have used the client credentials flow to get the token
![![200185-image.png][1]][1]

Then I use this token to call the users/{id} api but I get Resource Not found for most of the users. I cannot see these users registered to the application ProxyFramework.
Q1: How to make these users automatically register to application on registration/login
Q2: I have some users who are registred to the App. But when I try to change passwords for them, it shows Insufficient Privelges. I have given almost all permisions.

Please help

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,294 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,610 questions
{count} votes

Accepted answer
  1. CarlZhao-MSFT 36,001 Reputation points
    2022-05-10T06:35:23.963+00:00

    Hi anonymous user

    Q1: How to make these users automatically register to application on registration/login.

    You need to create the signupsignin user flow in your Azure AD B2C portal, then select Run user flow in the portal. For Application, select the web application named ProxyFramework that you previously registered, then click on run user flow and select Sign up now. Refer to the official doc.

    Q2: I have some users who are registred to the App. But when I try to change passwords for them, it shows Insufficient Privelges. I have given almost all permisions.

    Modifying passwords of B2C users using application permissions is not supported, you should grant Directory.AccessAsUser.All delegate permission for your application and grant admin consent, then use Azure AD based authentication flow (eg: auth code flow) to get the token.

    Finally, you only need to modify the password in the passwordProfile field.

    200460-image.png


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


0 additional answers

Sort by: Most helpful