I Can't Reset Passwords in Azure with the MS 365 HTTP Request

Feedback Activities
, ,
1

I am trying to reset passwords in Azure with the MS 365 HTTP request. My Azure App has the appropriate permissions (User.Read.Write.All and Password Administrator Role). We were able to previously reset the password with the same service account, but the powershell command is no longer supported.

I keep getting a 403 error when I make this API call, saying I don’t have the appropriate permissions.
"{\"error\":{\"code\":\"Authorization_RequestDenied\",\"message\":\"Insufficient privileges to complete the operation.\",\....."

Request Method = PATCH

Here is my endpoint:

image
image563×227 9.6 KB

And here is my body:

image
image490×257 8.03 KB

We’ve been working with our system admin for the past couple days and we can’t figure this out for the life of us. Any help is greatly appreciated!

3

@mahenry

Looks like permission type should be delegated and not application scope..can you check the same

IMG_9396
IMG_9396828×1272 129 KB

IMG_9397
IMG_9397828×923 160 KB

Cheers

4

Thank you Anil. But I tried this and it was still giving me a 403 error. I used a powershell script to achieve the same goal and it worked through the app.
Could it be that the permissions for the connection pictured below, are the only permissions that can be delegated through the M365 integration Service connection?

image
image457×927 53.9 KB

5

@mahenry

Ideally yes if it is missing..becuase hhtp request is not available for microsoft connector if that is available then all scopes are exposed

Cheers

6

Try clicking inside the Scopes control and they type the missing permissions. If you have them on the App too, they should work.