User.change_password - REST API


Changes a user's password.

If UST only is on input, without user_id, user whose session it is will change his or her password.

If user_id is on input, another user, identified by that ID, will have the password changed - in this case the input UST must belong to a super-user's session.

The new password is always validated against the configuruation.

  • HTTP method: PATCH
  • URL path: /zato/sso/user/password


NameDatatypeOptionalNeeds super-userNotes
uststring------Current user's session token (UST)
current_appstring------Name of application that the call is attempted from
old_passwordstringYes---Required if current user changes his or her own password
new_passwordstring------New password to set for user
user_idstringYesYesID of user whose password is to be changed, required if a super-user wants to change another person's password
password_expiryintegerYesYesOptionally, after how many days from current time the password will expire. If not set, a default value from configuration will be used.
must_changeboolYesYesIf True, the person whose password is being change will need to reset it on next login


cidstring---Correlation ID assigned to request
statusstring---Overall status code
sub_statuslistYesReturned only if status is not "ok", a list of error or warning codes


  • Input user is a regular one who is changing his or her own password:
$ curl -XPATCH localhost:17010/zato/sso/user -d '
    "ust":          "gAAAAABalTpNLXP6Xk_KN_SE...",
    "current_app":  "CRM",
    "old_password": "waHsAlUbA1XmU2zQrlTHXeDCvb6Urgn",
    "new_password": "p1GwvkP3cHTum7lIMz7SDitmp8fT8Mo",

  "cid": "6f916246696fbdd76f8a7073",
  "status": "ok"
  • Input user is a super-user who is changing another person's password:
$ curl -XPATCH localhost:17010/zato/sso/user/password -d '
    "ust": "gAAAAABamuje_0YktSt38EyQmW...",
    "current_app": "CRM",
    "user_id": "zusr4vzbnqsfz68asstyrg7ypb4ghj",
    "new_password": "5c5Apw67534s55ukR_EZSVyH3DKr2ajNaa"


    "cid": "de00deb0471188dcdd9913a8",
    "status": "ok"