Invoked during the password reset process after a user clicks a link with the password reset token.
Accepts the token from email and returns a reset key. Along with the token, the reset key is used in in the next step in the process to change the password.
| Name | Datatype | Optional | Notes |
|---|---|---|---|
| token | string | --- | Password reset token as it was received by the user in email |
| current_app | string | --- | Name of application that the call is attempted from |
| Name | Datatype | Optional | Notes |
|---|---|---|---|
| cid | string | --- | Correlation ID assigned to request |
| status | string | --- | Overall status code |
| sub_status | list | Yes | Returned only if status is not "ok", a list of error or warning codes |
| reset_key | string | Yes | A reset key to be used in the next step to change the password. Returned only if status is OK. |
Token is valid:
$ curl -XPATCH localhost:17010/zato/sso/password/reset -d '
{
"token": "13hxw6ar398s4r7d92x8d2gfay",
"current_app": "CRM"
}
'
{
"cid": "2eb48bf0139c03274c53495d",
"status": "ok",
"reset_key": "gAAAAABgrLzSMBtSa-FY88-1nUSJFZcBX...",
"sub_status": []
}
$
Token is invalid (e.g. already used or expired):