Authenticate a user name and password.

Entitlement required: manageUserGroups (Manage users and groups) or manageAllUserGroups (Synchronize users and groups) or manageUserStandardGroups (Manage users and standard groups) or authn (Authenticate yourself) or authnAnyUser (Authenticate any user).
Note: You only need one entitlement, but you can have more than one.

  • Previous versions of this API before September 2021 returned a scimType of LOCKED_PWD_FAILURES when a user was locked out because of invalid credentials. The API now returns a scimType of INVALID_CREDS and a notification is sent to the user, telling them that their account was locked. Use the urn:ietf:params:scim:schemas:extension:ibm:2.0:Notification element in the POST body to determine the type of notification.