How does a user change their own password in OpenIDM 3.x using the REST API?
The purpose of this article is to provide information on how a user can change their own password in OpenIDM 3.x using the REST API. The method varies slightly if OpenIDM is protected by OpenAM as the user must first authenticate before they can change their password.
Archived
This article has been archived and is no longer maintained by ForgeRock.
Changing a user's own password
The following command can be used by a user to change their own password:
$ curl -H "Content-Type: application/json" -H "X-OpenIDM-Username: jdoe" -H "X-OpenIDM-Password: OldPassword" -H "X-OpenIDM-Reauth-Password:OldPassword" -X POST -d '[{"operation":"replace","field":"password","value":"NewPassw0rd"}]' "http://localhost:8080/openidm/managed/user/jdoe?_action=patch"Changing a user's own password when OpenIDM is protected by OpenAM
When a user changes their own password where OpenIDM is protected by OpenAM, they must explicitly pass their authenticated credentials as follows:
- Use curl to authenticate to OpenAM as described in OpenAM Developer's Guide › Developing Client Applications › Authentication & Logout. For example: $ curl -X POST -H "X-OpenAM-Username: jdoe" -H "X-OpenAM-Password: OldPassword" -H "Content-Type: application/json" http://openam.example.com:8080/openam/json/authenticate This will return a tokenID, such as AQIC5wM2LY4SfcxUm6wdixPGaSrucHNIH7haV14vmdkrRsU.*AAJTSQACMDE.*
- Change your password, including the tokenID as the cookie value and the header "X-Requested-With: XMLHttpRequest": $ curl -b "iPlanetDirectoryPro=AQIC5wM2LY4SfcxUm6wdixPGaSrucHNIH7haV14vmdkrRsU.*AAJTSQACMDE.*" -H "X-Requested-With: XMLHttpRequest" -H "Content-Type: application/json" -H "X-OpenIDM-Reauth-Password:OldPassword" -X POST -d '[{"operation":"replace","field":"password","value":"NewPassw0rd"}]' "http://localhost:8080/openidm/managed/user/jdoe?_action=patch"
Note
Some command line parameters, such as iPlanetDirectoryPro, are case-sensitive.
See Also
How do I invoke the OpenIDM 4.x REST API when OpenIDM is protected by OpenAM?
How does a user change their own password in IDM (All versions) using the REST API?
OpenAM Developer's Guide › Developing Client Applications › Authentication & Logout
Related Training
N/A
Related Issue Tracker IDs
N/A