Changing user password in Azure AD using GraphAPI

The following pertains to a very specific scenario: You use Azure AD for some applications (e.g. Office365), but… …one of your applications does NOT use Azure AD (yet). It has its own authentication store and method (e.g. forms authn). However, you want to keep the application’s credentials in sync with AAD. Basically, allow same signon […]

Should an application handle user credentials?

I think the answer is ‘no’ or ‘only under special circumstances’ (see Exceptions below) but would be interested in your comments. By ‘own credential management’ I mean have own store of user names AND passwords and code to challenge users for the credentials, create them, reset passwords, etc. The alternative I am recommending is for the application to use […]