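I am using Azure AD for application authentication. Users are created successfully in Azure AD. Users can sign in with their password. My requirement is how users can reset their own password. When users forget their password, how can they reset it in my application? Is there a Graph API for this?
Resetting a user's password is a special case of the update user operation. Specify the passwordProfile property for the User. The request contains a valid PasswordProfile object that specifies a password satisfying the tenant's password complexity policy. Password policies typically impose constraints on the complexity, length, and reuse of passwords. For more information, see the PasswordProfile topic.
You can reset a user's password by PATCHing the user object: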
PATCH https://graph.windows.net/myorganization/users/{user_id}?api-version=1.6
{
  "passwordProfile": {
    "password": "{password}",
    "forceChangePasswordNextLogin": false
  },
  "passwordPolicies": "DisablePasswordExpiration"
}
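Preparation:
1. Switch to a directory where you have administrator rights. Add a new user in Azure AD. Get the user name and password.
Note: when setting the user name, the part after the @ is your full directory name. The password must be changed at the first sign-in.
2. Go to your registered native application and add the permission "Access the directory as the signed-in user" to the application. Note: the delegated scope User.ReadWrite.All or Directory.AccessAsUser.All is required to reset a user's password. In addition to the correct scope, the signed-in user also needs sufficient privileges to reset another user's password.
3. Now you can refer to the code below: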
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

// Placeholders: replace with your tenant, native app registration and user.
var graphResourceId = "https://graph.windows.net/";
var tenantId = "xxxxxxxxxxxxxxxxxxxxx";
var clientId = "xxxxxxxxxxxxxxxxxxxxxxx";
var username = "xxxxxxxxxxxxxxxxxxxx";
var password = "xxxxxxxxx";
var servicePointUri = new Uri(graphResourceId);
var serviceRoot = new Uri(servicePointUri, tenantId);
string aadInstance = "https://login.microsoftonline.com/" + tenantId + "/oauth2/token";

// Acquire a delegated access token for the Graph resource with the user's credentials.
AuthenticationContext authenticationContext = new AuthenticationContext(aadInstance, false);
UserPasswordCredential credential = new UserPasswordCredential(username, password);
AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync(graphResourceId, clientId, credential).Result;
var accessToken = authenticationResult.AccessToken;

// PATCH the user object with the new passwordProfile.
HttpClient http = new HttpClient();
string url = "https://graph.windows.net/" + tenantId + "/users/" + username + "?api-version=1.6";
var method = new HttpMethod("PATCH");
HttpRequestMessage request = new HttpRequestMessage(method, url);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var body = "{\"passwordProfile\": {\"password\": \"YourNewPassword\",\"forceChangePasswordNextLogin\": false},\"passwordPolicies\":\"DisablePasswordExpiration\"}";
request.Content = new StringContent(body, Encoding.UTF8, "application/json");
HttpResponseMessage response = http.SendAsync(request).Result;
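
A parameterised variant of the PATCH request above, as an added example that is not part of the original answer: it serialises the new password with System.Text.Json instead of building the JSON by hand, escapes the URL path segments, and checks the response status. The class and method names (PasswordReset, BuildBody, BuildRequest, ResetAsync) are hypothetical, and the access token is assumed to have been acquired as in the answer.

```csharp
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

// Hypothetical helper class, not part of any Microsoft library.
public static class PasswordReset
{
    // Serialize the body so quotes or backslashes in the password cannot
    // change the JSON structure (for example by adding extra properties).
    public static string BuildBody(string newPassword, bool forceChange) =>
        JsonSerializer.Serialize(new
        {
            passwordProfile = new
            {
                password = newPassword,
                forceChangePasswordNextLogin = forceChange
            },
            passwordPolicies = "DisablePasswordExpiration"
        });

    // tenantId, userId and accessToken are supplied by the caller (assumed names).
    public static HttpRequestMessage BuildRequest(
        string tenantId, string userId, string accessToken, string newPassword)
    {
        // Escape the path segments so a crafted identifier cannot alter the URL.
        var url = "https://graph.windows.net/" + Uri.EscapeDataString(tenantId)
                + "/users/" + Uri.EscapeDataString(userId) + "?api-version=1.6";
        var request = new HttpRequestMessage(new HttpMethod("PATCH"), url);
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
        request.Content = new StringContent(
            BuildBody(newPassword, forceChange: false), Encoding.UTF8, "application/json");
        return request;
    }

    public static async Task ResetAsync(HttpClient http, HttpRequestMessage request)
    {
        using var response = await http.SendAsync(request);
        if (!response.IsSuccessStatusCode)
        {
            // Report the Graph error (policy violation, insufficient privileges).
            // The request body is never logged because it holds the password.
            var error = await response.Content.ReadAsStringAsync();
            throw new InvalidOperationException(
                $"Password reset failed: {(int)response.StatusCode} {error}");
        }
    }
}
```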