1

I am using the graph api to reset the users password, but there is a delay when I try the new password, between 1-2 minutes before the new password works. I am using the following endpoint:

PATCH https://graph.microsoft.com/v1.0/users/{{userId}}

{
    "passwordProfile" : {
       "password": "111111",
       "forceChangePasswordNextSignIn": false
    }
}

Is there a way to tell when the new password is ready to use or another more efficient endpoint?

Pedro
  • 37
  • 3

2 Answers2

2

I tried to reproduce the same in my environment and got the below results:

I tried to reset password the Azure AD B2C user's password:

PATCH https://graph.microsoft.com/v1.0/users/UserId

{
    "passwordProfile" : {
       "password": "password",
       "forceChangePasswordNextSignIn": false
    }
}

enter image description here

After resetting the password even, I faced a delay of a minute before the new password worked.

Note that: By default, there is a replication delay of seconds/minute after resetting the password.

  • There is a primary in Azure AD which handles the change password(write) and many secondary instances which handles login (read) and so there is a delay after resetting the password to secondary instances.
  • In order to sign in and change the password, the user must wait at least two minutes.
  • There is no other endpoint available to show when the new password is ready to use.
Rukmini
  • 6,015
  • 2
  • 4
  • 14
1

graph takes up to 5 minutes in updating/showing the value. What I have used in the past to resolve this is Redis Cache. When saving the new data (password in your case), save it also in redis for 5 minutes, then when checking, go first to redis, if the value is not there, go to graph.

Iria
  • 433
  • 1
  • 8
  • 20
  • That's a good option, thanks! – Pedro Feb 23 '23 at 14:52
  • 1
    not a problem, this is caused by the way that graph database works, it is a distributed database, so it has to update all of the nodes, therefore the delay. – Iria Feb 23 '23 at 22:00