CHANGE PASSWORD USING REST API


This topic has 1 reply, 1 voice, and was last updated 4 years, 6 months ago by cristianoburgo.

  • #17408
     cristianoburgo
    Participant

    I'm trying to do a password change using the REST API.
    This is the code snippet in Python:

    # CHANGE USER PASSWORD

    import requests
    import json

    # READING THE OBJECT ID
    url = 'https://localhost:8443/openidm/info/login'
    headers = {'X-OpenIDM-Username': 'test1', 'X-OpenIDM-Password': 'Welcome3!'}
    # verify=False turns off TLS certificate verification for this call
    resp = requests.get(url, headers=headers, verify=False)

    # The managed user id is returned under authorization.id
    userId = resp.json()["authorization"]["id"]

    print(userId)

    # PATCHING THE PASSWORD

    urlPassword = 'https://localhost:8443/openidm/managed/user/' + userId
    headersPatch = {'X-OpenIDM-Username': 'test1', 'X-OpenIDM-Password': 'Welcome3!', 'Content-Type': 'application/json', 'If-Match': '*'}

    # Patch body: replace the password property with the new value
    patchData = json.dumps([{
        "operation": "replace",
        "field": "password",
        "value": "[email protected]"
    }])

    respPatch = requests.patch(urlPassword, headers=headersPatch, data=patchData, verify=False)

    print(respPatch.json())

    But the output is a failed policy validation:

    {u'reason': u'Forbidden', u'code': 403, u'message': u'Failed policy validation', u'detail': {u'failedPolicyRequirements': [{u'property': u'password', u'policyRequirements': [{u'policyRequirement': u'REAUTH_REQUIRED'}]}], u'result': False}}

    Reading the password policy, this behaviour is correct, because the re-auth required is set for all except:
    ["system","openidm-admin","openidm-reg","openidm-cert"]

    Extending the exception to openidm-authorized as well solves the issue for the REST call, but then, using the web GUI, the user can change their password by entering a wrong current password when requested.

    #17424
     cristianoburgo
    Participant

    I just worked out how the GUI does it, and that is the solution. You must include the cookie and the re-auth password in the PATCH call:

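    import requests
    import json

    # userId comes from the login call in the first snippet;
    # cookie holds the session cookie (how it was obtained is not shown in the post)
    urlPassword = 'https://localhost:8443/openidm/managed/user/' + userId
    headersPatch = {'Content-Type': 'application/json', 'Cookie': cookie, 'X-OpenIDM-Reauth-Password': 'Qwerty.1234', 'X-Requested-With': 'XMLHttpRequest'}
    # Debug output: this prints the session cookie and the re-auth password
    print(headersPatch)

    # Patch body: replace /password with the new value
    patchData = json.dumps([{
        "operation": "replace",
        "field": "/password",
        "value": "Welcome2!"
    }])

    # verify=False turns off TLS certificate verification for this call
    respPatch = requests.patch(urlPassword, headers=headersPatch, data=patchData, verify=False)

    print(respPatch.json())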
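
The flow from this thread as an added example, not code from either post or from ForgeRock: it recognises the REAUTH_REQUIRED rejection quoted in the first post and retries the PATCH with the re-auth header from the second post, instead of widening the policy exception. The function names, the `send` transport callable and the use of Python 3 are assumptions made for illustration.

```python
import json
from urllib.parse import quote

REAUTH_HEADER = "X-OpenIDM-Reauth-Password"  # header name as used in the thread

# The 403 body quoted in the first post, rewritten as a Python dict.
SAMPLE_403 = {"reason": "Forbidden", "code": 403, "message": "Failed policy validation",
              "detail": {"result": False, "failedPolicyRequirements": [
                  {"property": "password",
                   "policyRequirements": [{"policyRequirement": "REAUTH_REQUIRED"}]}]}}

def failed_requirements(body):
    """Return {property: set(requirement names)} from a policy-failure body."""
    failed = {}
    detail = body.get("detail") or {}
    for item in detail.get("failedPolicyRequirements", []):
        names = {r.get("policyRequirement") for r in item.get("policyRequirements", [])}
        failed.setdefault(item.get("property"), set()).update(names)
    return failed

def needs_reauth(status, body):
    """True only when the rejection is the re-authentication policy."""
    return status == 403 and any(
        "REAUTH_REQUIRED" in names for names in failed_requirements(body).values())

def build_patch(base_url, user_id, new_password, cookie, current_password=None):
    """Build (url, headers, body) for the password PATCH shown in the second post."""
    headers = {"Content-Type": "application/json", "Cookie": cookie,
               "X-Requested-With": "XMLHttpRequest"}
    if current_password is not None:
        headers[REAUTH_HEADER] = current_password
    body = json.dumps([{"operation": "replace", "field": "/password",
                        "value": new_password}])
    # Percent-encode the id so it cannot alter the request path.
    return base_url + "/managed/user/" + quote(user_id, safe=""), headers, body

def change_password(send, base_url, user_id, new_password, cookie, current_password):
    """send(url, headers, body) -> (status, json_body); hypothetical transport hook."""
    status, reply = send(*build_patch(base_url, user_id, new_password, cookie))
    if needs_reauth(status, reply):
        # Retry with the current password instead of relaxing the server policy.
        status, reply = send(*build_patch(base_url, user_id, new_password, cookie,
                                          current_password))
    return status, reply
```

Any other 403, or a policy failure that does not name REAUTH_REQUIRED, is returned to the caller unchanged, so `failed_requirements` can be used to report which requirement was not met.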