OpenAM 5.5, reset password with Api, admin can’t change user’s password

This topic contains 4 replies, has 3 voices, and was last updated by  Peter Major 2 months ago.

  • Author
    Posts
  • #24058
     maxiaolin 
    Participant

    Hello Guyz,
    As i was following the answer of the question 7. in https://backstage.forgerock.com/knowledge/kb/book/b93241706, “How do I change a user’s password using the REST API in AM/OpenAM (All versions)?”.

    I’ve got the admin user’s session Id from the endpoint “/json/realms/root/authenticate”, tried to use the SessionId to reset normal user’s password by Request PUT and always got the response “{
    “code”: 400,
    “reason”: “Bad Request”,
    “message”: “Cannot update user password via PUT. Use POST with _action=changePassword or _action=forgotPassword.”
    }”

    Has anyone meeted such problem too, or someone’d like to give some suggestion for that?

    • This topic was modified 4 months, 2 weeks ago by  maxiaolin.
    #24062
     maxiaolin 
    Participant

    The followings are from the docu, but the second command seems that it no more works.

    Changing a user’s password
    You (or the user) can change a user’s password using the following curl commands according to which version of AM/OpenAM you are using. The user’s old password is required; however, admin users do not need to supply the user’s old password from OpenAM 12.0.3 onwards.

    AM 5 and later

    You can use the following curl command against the actual AM server URL (not lb), where the iPlanetDirectoryPro header (default AM session cookie name) is set to the token returned when you authenticated and you supply the user’s old password:

    $ curl -X POST -H "iPlanetDirectoryPro: AQIC5wM2LY4Sfcxs...EwNDU2NjE0*" -H "Content-Type: application/json" -H "Accept-API-Version: resource=3.0, protocol=1.0" -d '{ "currentpassword":"changeit", "userpassword":"newPassword" }' http://host1.example.com:8080/openam/json/realms/root/users/demo?_action=changePassword {}

    An admin user can change the password for a non-admin user without supplying the old password by using a HTTP PUT request instead:

    $ curl -X PUT -H "iPlanetDirectoryPro: AQIC5wM2LY4Sfcxs...EwNDU2NjE0*" -H "Content-Type: application/json" -H "Accept-API-Version: resource=3.0, protocol=1.0" -d '{ "userpassword":"newPassword" }' http://host1.example.com:8080/openam/json/realms/root/users/demo

    Regards
    Xiaolin

    #24814
     jjung2 
    Participant

    I am also having this problem with AM 6.0.0.5. This is problematic because of the bug in which we cannot change the amAdmin password in the XUI, and we aren’t in a situation to be able to upgrade to 6.0.0.6 right now for the fix.

    @peter-major is there anyone that could potentially help? The current documentation everywhere says that we can make this call, but apparently we cannot.

    #24817
     Peter Major 
    Moderator

    Your best bet is to raise a new support ticket.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?