Whenever one user changes another user’s password, DS servers consider it a password reset. Often, password policies specify that users must change their passwords again after a password reset.
![[Note]](common/images/admon/note.png) |
Note |
|---|---|
|
This action requires HTTPS to avoid sending the password over an insecure connection. |
Perform an HTTPS POST with the header Content-Type: application/json, _action=resetPassword in the query string, and an empty JSON document ({}) as the POST data.
The JSON POST DATA must include the following fields:
The following example demonstrates an administrator changing a user’s password. Before trying this example, make sure the password administrator has been given the password-reset privilege. Otherwise, the password administrator has insufficient access. On success, the HTTP status code is 200 OK, and the response body is a JSON resource with a generatedPassword containing the new password:
$ curl \
--request POST \
--cacert ca-cert.pem \
--user kvaughan:bribery \
--header "Content-Type: application/json" \
--data '{}' \
--silent \
https://localhost:8443/api/users/bjensen?_action=resetPassword
{"generatedPassword":"new-password"}
As password administrator, provide the new, generated password to the user.
