cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Variable in Graph Request Body (PowerShell)

Larry Jones
Frequent Contributor

‎Jun 24 2021 05:47 AM

‎Jun 24 2021 05:47 AM

Variable in Graph Request Body (PowerShell)

Working off the following URL: https://docs.microsoft.com/en-us/graph/api/passwordauthenticationmethod-resetpassword?view=graph-res...

 

 

When I execute the following command in my PowerShell script it works flawlessly

$PWCBody = '{
"newPassword" : "ssd$$FGW!!",
"forceChangePasswordNextSignIn" : true
}'


$PWCURI = "https://graph.microsoft.com/beta/users/XXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/authentication/password..."
$PWChange = Invoke-RestMethod -Uri $PWCURI -Headers $HeaderDelegate -body $PWCbody -Method POST -ContentType "application/json"

 

However, when I change the Request Body newPassword to variable I get a (403) Bad Request. 

 

$PWCBody = '{

"newPassword" : $password,
"forceChangePasswordNextSignIn" : true
}'

 

How can i handle a variable in a Requested Body that's surrounded by single quotes?

 

Thank You,

 

-Larry 

 

Labels:
1,794 Views
0 Likes
6 Replies
Reply
6 Replies
Vasil Michev

‎Jun 24 2021 09:33 AM

‎Jun 24 2021 09:33 AM

Re: Variable in Graph Request Body (PowerShell)

Try this:

$PWCBody = @{
"newPassword" = $password
}
0 Likes
Reply
Larry Jones

‎Jun 24 2021 09:43 AM

‎Jun 24 2021 09:43 AM

Re: Variable in Graph Request Body (PowerShell)

Thank You for responding Vasil...
I tried using that format
$PWCBody = @{
"newPassword" = $password
}

Still getting the following message "Invoke-RestMethod : The remote server returned an error: (400) Bad Request."

Thank You,

-Larry
0 Likes
Reply
Vasil Michev

‎Jun 24 2021 11:00 AM

‎Jun 24 2021 11:00 AM

Re: Variable in Graph Request Body (PowerShell)

Yeah, they have terrible error handling on that endpoint. Bad request can mean anything from "you provided an invalid password" to "user is blocked" to "you are using application permissions and they don't work here". If it's still not working, capture the proper error message as detailed here: https://www.michev.info/Blog/Post/3298/unable-to-reset-the-password-for-a-disabled-account
0 Likes
Reply
Larry Jones

‎Jun 24 2021 11:13 AM - edited ‎Jun 24 2021 11:24 AM

‎Jun 24 2021 11:13 AM - edited ‎Jun 24 2021 11:24 AM

Re: Variable in Graph Request Body (PowerShell)

again thanks for responding to my post...

I'm able to successfully change user's password using the end point in my PowerShell script if the Requested Body for password is in string format
$PWCBody = '{"Password" : "ADC123", "forceChangePasswordNextSignIn" : true}'

I get the 400 Bad Request when I try change the Requested Body password from a string value to a variable.
$PWCBody = '{"Password" : $NewPassword, "forceChangePasswordNextSignIn" : true}'

 

FYI: None of the accounts i trying to change their password in not disable in AD or Azure AD.

 

Also, I using the following permission:

Directory.AccessAsUser.All - Delegated - Access directory as the signed in user
UserAuthenticationMethod.ReadWrite.All - Delegated - Read and write all users' authentication methods.
UserAuthenticationMethod.Read.All - Delegated - Read all users' authentication methods

 

The service service account has the Role: Authentication administrator

 

Thank You,

-Larry

0 Likes
Reply
best response confirmed by Larry Jones (Frequent Contributor)
Larry Jones

‎Jun 24 2021 11:57 AM

‎Jun 24 2021 11:57 AM

Solution

Re: Variable in Graph Request Body (PowerShell)

SOLUTION: I had to add " | ConvertTo-Json" at the end Request Body
$PWCBody = @{
newPassword = $password
forceChangePasswordNextSignIn = $true
} | ConvertTo-Json
1 Like
Reply
Compulinx

‎Nov 29 2021 11:53 PM

‎Nov 29 2021 11:53 PM

Re: Variable in Graph Request Body (PowerShell)

Took ages looking for this.. Thanks Larry!
1 Like
Reply