I am using Microsoft azure ad a authentication. When I am trying to change the user password with graph api it will give me an error
I have also set permission that is required for password change, but then it will also not work
I have wrote code in node.js with like this
const changePassword = {
currentPassword: ctx.request.body.currentPassword,
newPassword: ctx.request.body.newPassword
};
const client = createAuthenticated.createAuthenticatedClient();
await client.api('/me/changePassword').post(changePassword);
The changing password api can only support delegate permission, it has been indicated in api document, and it also appeared in your error message.
Delegate api permission means you can't use client credential flow to generate access token/credential to call this api, you can only use such as ropc flow or auth code flow to generate the access token.
I think you've read this sample to call the api, but you didn't choose a correct authentication provider. If your app is a website which required user to sign in, then you may choose this one. But pls note, the client-credential-flow is not suitable for this scenario.
=======================Update====================
The html+js code in my this answer provides a sample which integrate msal to let user sign in and generate access token for calling graph api.
Change
AzureMgmtScopsvalue toscopes:["Directory.AccessAsUser.All"]then it will return you an access token with this permission, then pls use this token to send a post request like this, I think you can then finish your task. But this way will not change your server side, it's suitable for the structure which is frontend-backend separated.