Update validatePassword permissions to require Entra admin roles (#28668)

* Update validatePassword permissions to require Entra admin roles

* Reorder admin roles list

* Update ms.date to current date

Author: yuhko-msft

api-reference/beta/api/user-validatepassword.md

@@ -6,7 +6,7 @@ ms.reviewer: "iamut"
 ms.localizationpriority: medium
 ms.subservice: entra-users
 doc_type: apiPageType
-ms.date: 10/09/2024
+ms.date: 4/15/2026
 ---
 
 # user: validatePassword
@@ -24,8 +24,13 @@ Choose the permission or permissions marked as least privileged for this API. Us
 <!-- { "blockType": "permissions", "name": "user_validatepassword" } -->
 [!INCLUDE [permissions-table](../includes/permissions/user-validatepassword-permissions.md)]
 
->[!IMPORTANT]
->This API operation doesn't require the calling user to be assigned any Microsoft Entra admin roles.
+> [!IMPORTANT]
+> 
+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation:
+> - Password Administrator 
+> - Helpdesk Administrator
+> - User Administrator
+> - Global Administrator
 
 ## HTTP request