3 Ways to Change a User Password in Google Workspace

When a team member forgets a password or leaves the company, an admin has to act fast. Google Workspace gives you several built-in tools to reset credentials without breaking a sweat.

Still, not every situation calls for the same fix. This guide walks through three reliable methods, single-user reset in the Admin console, bulk changes with a CSV, and command-line updates, so you can pick the right move.

Table of Contents

• Use Google Workspace's UI
• Use Torii
• Use Google Workspace's API

Use Google Workspace’s UI

Use the Google Admin console to update a user’s password.

Open the Admin console

• Go to admin.google.com.
• Sign in with a super-admin account.

Find the user

• In the left panel, select Users.
• Search for the account or scroll through the list.
• Click the user’s name to open their profile.

Start the password reset

• At the top of the page, click Reset password.
• A dialog box opens with two choices:
• Let Google generate a strong password.
• Enter one yourself.

Set the new password

• If you type the password, watch the strength meter until it turns green.
• Check the box if you want the user to change it at their next sign-in.

Finish and share the password

• Click Reset to confirm.
• Copy the new password from the confirmation screen.
• Send it through a secure channel (never plain email).

Done. The update takes effect immediately, and the user can sign in with the new details.

Use Torii

Manually resetting passwords in Google Workspace gets old after the first few times. A quicker option is Torii, a SaaS Management Platform that centralizes SaaS subscriptions, automates user provisioning and de-provisioning, inspects license data, and more through code or low-code workflows.

Torii can handle the reset automatically the moment a chosen event occurs, such as a new hire, a departure, or a contract milestone. Automating the workflow spares you from clicking through the same screens again and again.

To update a Google Workspace user password directly from Torii, do the following:

1. Sign up for Torii

Contact Torii and request a free two-week proof-of-concept.

2. Connect your Google Workspace account to Torii

Once your Torii environment is active, link your existing Google Workspace tenant. Follow the step-by-step guide in the Google Workspace integration article.

3. Create a Torii workflow for Google Workspace

Inside Torii, open the Workflows tab, choose a trigger, and add the “Change user password in Google Workspace” action. From that point on, whenever the trigger conditions are met, Torii will automatically push the password change to Google Workspace.

Use Google Workspace’s API

This guide shows the fastest way to change a user’s password with Google Workspace’s Directory API, not the admin console.

1. Grab admin-level credentials

• Create or use an existing service account in Google Cloud.
• Turn on domain-wide delegation for that service account.
• Authorize the scope https</b>://www.googleapis.com/auth/admin.directory.user in the Admin console’s security settings.
• When your app runs, swap the service account’s access token for an admin-impersonated token.

2. Build the request body

For a basic reset, the request body can contain a single field:

{
    "password": "NewStrongPassw0rd."
}

You can include any of the following optional keys as needed:

• "hashFunction"</b>: "SHA-1" or "MD5" if you’re sending a hashed value.
• "changePasswordAtNextLogin"</b>: true if you want the user to pick a fresh password later.

3. Send the PATCH request

Direct the PATCH request to the following Google endpoint:

PATCH https://admin.googleapis.com/admin/directory/v1/users/{userKey}

Replace {userKey} with the user’s primary email or unique ID.

Include the OAuth 2.0 bearer token in the Authorization header:

Authorization: Bearer ya29.<token>

Example curl:

curl -X PATCH \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"password":"NewStrongPassw0rd.","changePasswordAtNextLogin":true}' \
"https://admin.googleapis.com/admin/directory/v1/users/[email protected]"

4. Check the response

On success, the API responds with the complete user resource in JSON format. If no fields appear updated, double-check the access token, scope, and the user key you supplied.

5. Confirm the update

Have the user sign in with the new password (or finish reset if you forced a change at next login). If they can’t, repeat the call and look for typos or policy blocks.

Torii for SaaS Management

Our team is ready to walk you through advanced SaaS Management options. Torii’s SaaS Management Platform helps you:

• Unearth shadow apps: AI constantly scans your environment and flags unauthorized tools as soon as they show up.

• Reduce spend: Trim budgets by removing idle licenses and redundant software.
• Automate onboarding/offboarding: Simplify employee transitions with automated workflows that save time and prevent errors.
• Stay ahead of renewals: Receive timely alerts, making sure you never miss a contract date.

Torii brings Finance, IT, and Security together on the market’s first unified SaaS Management Platform, providing a single, dependable source of truth.

Visit Torii to explore features, customer stories, and pricing details.