Forum Discussion
Variable in Graph Request Body (PowerShell)
- Jun 24, 2021SOLUTION: I had to add " | ConvertTo-Json" at the end Request Body
$PWCBody = @{
newPassword = $password
forceChangePasswordNextSignIn = $true
} | ConvertTo-Json
$PWCBody = @{
"newPassword" = $password
}
- EntilZhaJun 24, 2021Iron ContributorThank You for responding Vasil...
I tried using that format
$PWCBody = @{
"newPassword" = $password
}
Still getting the following message "Invoke-RestMethod : The remote server returned an error: (400) Bad Request."
Thank You,
-Larry- VasilMichevJun 24, 2021MVPYeah, they have terrible error handling on that endpoint. Bad request can mean anything from "you provided an invalid password" to "user is blocked" to "you are using application permissions and they don't work here". If it's still not working, capture the proper error message as detailed here: https://www.michev.info/Blog/Post/3298/unable-to-reset-the-password-for-a-disabled-account
- EntilZhaJun 24, 2021Iron Contributor
again thanks for responding to my post...
I'm able to successfully change user's password using the end point in my PowerShell script if the Requested Body for password is in string format
$PWCBody = '{"Password" : "ADC123", "forceChangePasswordNextSignIn" : true}'
I get the 400 Bad Request when I try change the Requested Body password from a string value to a variable.
$PWCBody = '{"Password" : $NewPassword, "forceChangePasswordNextSignIn" : true}'FYI: None of the accounts i trying to change their password in not disable in AD or Azure AD.
Also, I using the following permission:
Directory.AccessAsUser.All - Delegated - Access directory as the signed in user
UserAuthenticationMethod.ReadWrite.All - Delegated - Read and write all users' authentication methods.
UserAuthenticationMethod.Read.All - Delegated - Read all users' authentication methodsThe service service account has the Role: Authentication administrator
Thank You,
-Larry