Reset Microsoft Entra ID User Password - Incident Trigger

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Content Index

This playbook will reset the user password using Graph API. It will send the password (which is a random guid substring) to the user's manager. The user will have to reset the password upon login.

Attribute	Value
Type	Playbook
Solution	Microsoft Entra ID
Source	View on GitHub

Logic App Connectors

This playbook uses 4 Logic App connectors / built-in actions:

Connector / Action	Type	Connections	Actions
`azuresentinel`	Managed	1	0
`microsoftsentinel`	Managed	0	3
`office365`	Managed	1	1
`http`	Built-in	0	2

Action parameters (URLs, paths, function IDs)

`microsoftsentinel` (Managed)

Action	Method	Endpoint	Other
Entities_-_Get_Accounts	post	`/entities/account`	—
Add_comment_to_incident_-_manager_available	post	`/Incidents/Comment`	—
Add_comment_to_incident_-_manager_not_available	post	`/Incidents/Comment`	—

`office365` (Managed)

Action	Method	Endpoint	Other
Send_an_email_-_to_manager_with_password_details	post	`/v2/Mail`	—

`http` (Built-in)

Action	Method	Endpoint	Other
HTTP_-_get_manager	GET	`https://graph.microsoft.com/v1.0/users/@{concat(items('For_each')?['Name'], '@', items('for_each')?['UPNSuffix'])}/manager`	—
HTTP_-_reset_a_password	PATCH	`https://graph.microsoft.com/v1.0/users/@{concat(items('For_each')?['Name'], '@', items('for_each')?['UPNSuffix'])}`	—

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Playbooks · Back to Microsoft Entra ID

Reset Microsoft Entra ID User Password - Incident Trigger

Logic App Connectors

microsoftsentinel (Managed)

office365 (Managed)

http (Built-in)

`microsoftsentinel` (Managed)

`office365` (Managed)

`http` (Built-in)