[英]Microsoft.Graph.ServiceException: Code: methodNotAllowed

I am getting 400 after sending the request below to my b2c tenant.将以下请求发送给我的 b2c 租户后,我得到了 400。 see below for more details:请参阅下面的更多细节:

Microsoft.Graph.ServiceException: Code: methodNotAllowed Message: The method is not supported for this URL. Microsoft.Graph.ServiceException:代码:methodNotAllowed 消息:此 URL 不支持该方法。

I need to reset the user password, so I am following what is described here: https://docs.microsoft.com/en-us/graph/api/passwordauthenticationmethod-resetpassword?view=graph-rest-beta&tabs=csharp我需要重置用户密码,所以我遵循这里描述的内容: https://docs.microsoft.com/en-us/graph/api/passwordauthenticationmethod-resetpassword?view=graph-rest-beta&tabs=csharp

here is my code:这是我的代码:

public async Task<string> ResetPassword(string userId)
            var newPassword = Helpers.PasswordHelper.GenerateNewPassword(4, 8, 4);
            var result = await graphClient
                .ResetPassword(newPassword, null)
            return result.NewPassword;

The package I added to the project我添加到项目中的 package

<Project Sdk="Microsoft.NET.Sdk.Web">
    <PackageReference Include="Microsoft.Graph.Auth" Version="1.0.0-preview.4" />
    <PackageReference Include="Microsoft.Graph.Beta" Version="0.39.0-preview" />
    <PackageReference Include="Microsoft.Identity.Client" Version="4.13.0" />
    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="3.1.2" />
    <PackageReference Include="Swashbuckle.AspNetCore" Version="5.0.0" />

What I am doing wrong?我做错了什么?

It is not recommended that using the Microsoft Graph Beta version:不建议使用 Microsoft Graph Beta 版本: 在此处输入图像描述

If you want to change a user's password, you can try to use Microsoft Graph API to do it, just try the simple console app below:如果要更改用户密码,可以尝试使用 Microsoft Graph API 来完成,只需尝试下面的简单控制台应用程序即可:

    using Newtonsoft.Json;
    using System;
    using System.Collections.Generic;
    using System.IO;
    using System.Net;
    using System.Net.Http;
    using System.Net.Http.Headers;
    using System.Threading.Tasks;
    namespace graphsdktest
        class Program
            public static async Task<string> GetAccessToken()
                using (var client = new HttpClient())
                    var clientId = "<app id>";
                    var clientSecret = "<app secret>";
                    var tenantID = "<tenant id>";
                    var adminUserName = "<b2c admin user account>";
                    var password = "<b2c admin user password>";
                    var tokenUrl = @"https://login.microsoftonline.com/" + tenantID + "/oauth2/v2.0/token";
                    client.BaseAddress = new Uri(tokenUrl);
                    client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                    List<KeyValuePair<string, string>> postData = new List<KeyValuePair<string, string>>();
                    postData.Add(new KeyValuePair<string, string>("grant_type", "password"));
                    postData.Add(new KeyValuePair<string, string>("client_id", clientId));
                    postData.Add(new KeyValuePair<string, string>("client_secret", clientSecret));
                    postData.Add(new KeyValuePair<string, string>("scope", "openid"));
                    postData.Add(new KeyValuePair<string, string>("username", adminUserName));
                    postData.Add(new KeyValuePair<string, string>("password", password));
                    FormUrlEncodedContent requestBody = new FormUrlEncodedContent(postData);
                    var request = await client.PostAsync(tokenUrl, requestBody).ConfigureAwait(false);
                    var response = await request.Content.ReadAsStringAsync();
                    var responseData = JsonConvert.DeserializeObject(response);
                    return ((dynamic)responseData).access_token;
            static void Main(string[] args)
                var accessToken = GetAccessToken().GetAwaiter().GetResult();
                var userID = "<target user id>";
                var newPass = "<new password>";
                var requstURL = @"https://graph.microsoft.com/v1.0/users/" + userID;
                var httpWebRequest = (HttpWebRequest)WebRequest.Create(requstURL);
                httpWebRequest.ContentType = "application/json";
                httpWebRequest.Headers.Add("Authorization", "Bearer " + accessToken);
                httpWebRequest.Method = "PATCH";
                using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
                string json = "{\"passwordProfile\":{\"forceChangePasswordNextSignIn\":false,\"password\":\"" + newPass + "\"}}";
                var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
                //if code is 204 means request has been accepted, change password successfully


Permissions you need to grand to your application:您需要授予您的应用程序的权限:


For more about this API, see this official doc .有关此 API 的更多信息,请参阅此官方文档

I managed to make the Graph API call using the SDK work by assign the role User Administrator to my b2c application and also generate a secret so that you can use it to configure your C# application.通过将角色User Administrator分配给我的 b2c 应用程序,我设法使用 SDK 使 Graph API 调用工作,并生成一个秘密,以便您可以使用它来配置您的 ZD7EFA19FBE7D3972FD5ADB6024223D7 应用程序。

  "appSettings": {

    "TenantId": "XXXXX.onmicrosoft.com",
    "AppId": "2a4c5942-7156-4fce-b524-XXXXXXXXX",
    "ClientSecret": "7746Dj-_h4rrK-XXXXXXXXXX",

And the code to update the password is:更新密码的代码是:

public async Task<string> UpdateUserPassword(string userId)
    var password = Helpers.PasswordHelper.GenerateNewPassword(4, 8, 4);
    var user = new User
        Id = userId,
        PasswordProfile = new PasswordProfile
            Password = password,
            ForceChangePasswordNextSignIn = false
        PasswordPolicies = "DisablePasswordExpiration"


    await graphClient

    return password;

However, I have set ForceChangePasswordNextSignIn = false the b2c doesn't ask the user to change the password after the first sign-in using it.但是,我设置ForceChangePasswordNextSignIn = false b2c 不会在第一次使用它登录后要求用户更改密码。 If you set it to true I cannot sign-in.如果您将其设置为true ,我将无法登录。 I am using a custom policy for sign-in/up.我正在使用自定义策略进行登录/注册。 Any idea?任何想法?


