PasswordReset.create_token - REST API

Overview

Begins the password reset process.

Accepts a username or password and looks up a user by the credential. If the user is found, a password reset token and password reset key are generated and saved in the database. Next, an email is sent with a link for the user to click which leads to the next step in the process, represented by the access_token call in Python.

The method never returns an explicit indication to the caller that a username or email were not found - if that be the case, this information will be found in server logs.

  • HTTP method: POST
  • URL path: /zato/sso/password/reset

Request

Name Datatype Optional Notes
credential string --- Username or email of the user requesting to change his or her password
current_app string --- Name of application that the call is attempted from

Response

Name Datatype Optional Notes
cid string --- Correlation ID assigned to request
status string --- Always OK as defined among other status codes
sub_status list --- Always an empty list

Usage

$ curl -XPOST localhost:17010/zato/sso/password/reset -d '
  {
    "credential": "my.username",
    "current_app": "CRM"
  }
  '

{
  "cid": "6e25233ae0738ce1b000c97",
  "status": "ok",
  "sub_status": []
}
$