Change user password

Changes the password of a user account.

POST ~/api/directoryObjects/changePassword

By default, password change via REST API is not allowed. To allow it, you need to enable the corresponding operation.

Request parameters

This request has no parameters.

Request headers

Name
Required
Description
Adm-Authorization
True
Specify the security token obtained during authentication.
Content-Type
True
Use application/json as the value of this header.

Request body

The request body is a JSON object with the following data structure:

{
    "directoryObject": "<objectId>",
    "oldPassword": "<oldPassword>",
    "newPassword": "<newPassword>"
}

directoryObject `string`

The identifier of the user account whose password to reset. You can use:

Distinguished name (DN)

# Example
CN=John Smith,CN=Users,DC=example,DC=com

Globally unique identifier (GUID)

# Example
7a4267ce-d354-44e7-8bd6-c681f1284a41

Security identifier (SID)

# Example
S-1-5-21-3635565734-1729062999-1822655016-1627

oldPassword `string`

Current password value.

newPassword `string`

New password value. You can generate a strong random password using the Generate password request.

Responses

If successful, returns 200 OK status code and an operation result in the response body. Otherwise, returns one of the common HTTP error codes and an error description in the response body.

Examples

Change user's password

The following code sample changes the password of a user account.

Request

PowerShell

$baseUrl = "https://host.example.com/restApi"
$endpoint = "/api/directoryObjects/changePassword"

# Request parameters
$requestUrl = $baseUrl + $endpoint
$requestHeaders = @{"Adm-Authorization" = YOUR-SECURITY-TOKEN}
$requestBody = ConvertTo-Json @{
    "directoryObject" = "CN=John Smith,CN=Users,DC=example,DC=com";
    "oldPassword" = "MyCurrentPassword";
    "newPassword" = "MyNewPassword"
} 

# Make request
Invoke-RestMethod -Method POST -Headers $requestHeaders -Uri $requestUrl `
    -Body $requestBody -ContentType "application/json"

C#

using System;
using System.Text;
using System.Net.Http;
using System.Threading.Tasks;

class Program
{
    static async Task Main()
    {   
        const string baseUrl = "https://host.example.com/restApi";
        const string endpoint = "/api/directoryObjects/changePassword";
        
        // Create JSON request body
        string jsonRequest = @"
        {
            'directoryObject': 'CN=John Smith,CN=Users,DC=example,DC=com',
            'oldPassword': 'MyCurrentPassword',
            'newPassword': 'MyNewPassword'
        }";
        StringContent requestBody = new(jsonRequest, Encoding.UTF8, "application/json");

        // Initialize HTTP client
        using HttpClient client = new();
        client.DefaultRequestHeaders.Add("Adm-Authorization", YOUR-SECURITY-TOKEN);

        // Make request
        HttpResponseMessage response = await client.PostAsync(
            baseUrl + endpoint, requestBody);
        string responseBody = response.Content.ReadAsStringAsync().Result;
        Console.WriteLine(responseBody);
    }
}

cURL

curl  --header 'Adm-Authorization: YOUR-SECURITY-TOKEN' \
--header 'Content-Type: application/json' \
--request POST 'https://host.example.com/restApi/api/directoryObjects/changePassword' \
--data-raw '{
    "directoryObject": "CN=John Smith,CN=Users,DC=example,DC=com",
    "oldPassword": "MyCurrentPassword",
    "newPassword": "MyNewPassword",
}'

node.js

var https = require('https');

// Request parameters
var options = {
    'method': 'POST',
    'hostname': 'host.example.com',
    'path': '/restapi/api/directoryObjects/changePassword',
    'headers': {
        'Adm-Authorization': 'YOUR-SECURITY-TOKEN',
        'Content-Type': 'application/json'
    }
};

// Create JSON request body
var postData = `
{
    "directoryObject": "CN=John Smith,CN=Users,DC=example,DC=com",
    "oldPassword": "MyCurrentPassword",
    "newPassword": "MyNewPassword"
}`;

// Make request
var req = https.request(options, res => {
    var data = [];

    res.on("data", chunk => {
        data.push(chunk);
    });

    res.on("end", () => {
        var body = Buffer.concat(data);
        console.log(body.toString());
    });

    res.on("error", error => {
        console.error(error);
    });
});
req.write(postData);

req.end();

Python

import requests
import json

baseUrl = "https://host.example.com/restApi"
endpoint = "/api/directoryObjects/changePassword"

# Request parameters
requestUrl = baseUrl + endpoint
requestHeaders = {"Adm-Authorization": YOUR-SECURITY-TOKEN}
requestBody = {
    "directoryObject": "CN=John Smith,CN=Users,DC=example,DC=com",
    "oldPassword": "MyCurrentPassword",
    "newPassword": "MyNewPassword"
}

# Make request
request = requests.post(requestUrl, headers=requestHeaders, json=requestBody)
response = json.loads(request.content)
print(response)

Response

HTTP Status code: 200 OK
Response body:

{
    "resultType": 0,
    "innerMessages": [],
    "exception": null,
    "actualObjectDN": "CN=John Smith,CN=Users,DC=example,DC=com",
    "extraInfo": {}
}