PasswordReset.create_token - REST API

Overview

Accepts a username or password and looks up a user by the credential. If the user is found, a password reset token and password reset key are generated and saved in the database. Next, an email is sent with a link for the user to click which leads to the next step in the process, represented by the access_token call in Python.

The method never returns an explicit indication to the caller that a username or email were not found - if that be the case, this information will be found in server logs.

HTTP method: POST
URL path: /zato/sso/password/reset

Request

Name	Datatype	Optional	Notes
credential	string	---	Username or email of the user requesting to change his or her password
current_app	string	---	Name of application that the call is attempted from

Response

Name	Datatype	Optional	Notes
cid	string	---	Correlation ID assigned to request
status	string	---	Always OK as defined among other status codes
sub_status	list	---	Always an empty list

Usage

$ curl -XPOST localhost:17010/zato/sso/password/reset -d '
  {
    "credential": "my.username",
    "current_app": "CRM"
  }
  '

{
  "cid": "6e25233ae0738ce1b000c97",
  "status": "ok",
  "sub_status": []
}
$