如何在Azure AD用户中重置密码?

问题描述 投票:1回答:1

我正在使用azure AD进行应用程序身份验证。用户在Azure AD中成功创建。用户可以使用密码登录。我的要求是用户如何重置自己的密码。当用户忘记密码时,他们如何在我的应用程序中重置自己的密码。有没有图表api?

azure-active-directory azure-ad-graph-api
1个回答
1
投票

Resetting a user's password是更新用户操作的特例。为User指定passwordProfile属性。该请求包含一个有效的PasswordProfile对象,该对象指定满足租户密码复杂性策略的密码。密码策略通常对密码的复杂性,长度和重用施加约束。有关更多信息,请参阅PasswordProfile主题。

您可以通过PATCH用户对象重置用户的密码:

PATCH https://graph.windows.net/myorganization/users/{user_id}?api-version=1.6

{
    "passwordProfile": {
        "password": "{password}",
        "forceChangePasswordNextLogin": false
    },
    "passwordPolicies": "DisablePasswordExpiration"
}

制备:

1.切换您具有管理权限的目录。在Azure AD中添加新用户。获取用户名和密码。

注意:设置用户名时,@后面是您的整个目录名称。第一次登录时,需要更改密码。

enter image description here

2.转到已注册的本机应用程序,添加权限将该目录作为已登录用户访问该应用程序。 enter image description here注意:要求委托范围User.ReadWrite.AllDirectory.AccessAsUser.All重置用户密码。除了正确的范围之外,signed-in用户还需要足够的权限来重置其他用户的密码。

3.现在,你可以参考下面的代码:

var graphResourceId = "https://graph.windows.net/";
var tenantId = "xxxxxxxxxxxxxxxxxxxxx";
var clientId = "xxxxxxxxxxxxxxxxxxxxxxx";
var username = "xxxxxxxxxxxxxxxxxxxx";
var password = "xxxxxxxxx";
var servicePointUri = new Uri(graphResourceId);
var serviceRoot = new Uri(servicePointUri, tenantId);
string aadInstance = "https://login.microsoftonline.com/" + tenantId + "/oauth2/token";
AuthenticationContext authenticationContext = new AuthenticationContext(aadInstance, false);

UserPasswordCredential credential = new UserPasswordCredential(username, password);
AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync(graphResourceId, clientId, credential).Result;
var accessToken = authenticationResult.AccessToken;
HttpClient http = new HttpClient();
string url = "https://graph.windows.net/" + tenantId + "/users/" + username + "?api-version=1.6";
var method = new HttpMethod("PATCH");
HttpRequestMessage request = new HttpRequestMessage(method, url);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authenticationResult.AccessToken);
var body = "{\"passwordProfile\": {\"password\": \"YourNewPassword\",\"forceChangePasswordNextLogin\": false},\"passwordPolicies\":\"DisablePasswordExpiration\"}";
request.Content = new StringContent(body, Encoding.UTF8, "application/json");
HttpResponseMessage response = http.SendAsync(request).Result;

这是输出:enter image description here

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.