Change the authenticated user's password.

post https://{tenanturl}/v2.0/Me/password

Entitlement required: anyone (Any authenticated user).

When the password is changed, a notification is optionally sent to the user to indicate that a password change was performed. By default, the notification is sent by email, but this can be overridden by the notifyType value in the Notifications object. See Model under Data Type. The email templates for branding are at "notifications/user_management/login/{locale}/user_password_change_show_email.xml" and "notifications/user_management/login/{locale}/user_password_change_not_show_email.xml". Pass in the themeId query parameter to brand the email template for notifications. To turn off email notifications, send the notifications option "urn:ietf:params:scim:schemas:extension:ibm:2.0:Notification": {"notifyType":"NONE"} in the payload.

Passwords cannot be changed for federated users.

This API requires an authenticated user's access token that is generated from an application client during sign-on. This API does not support the use of an API client-generated access token.
Send a valid user access token in the authorization header, by using the bearer authentication scheme.
This API requires an authenticated user's access token that is generated from an application client during sign-on. This API does not support the use of an API client-generated access token.
Send a valid user access token in the authorization header, by using the bearer authentication scheme.

If custom password intelligence warning is enabled and a password is provided that is listed in it, the 204 response includes the header 'isv-dictionary-policy' with the value: 'WARNLOCAL'.
If X-Force password intelligence warning is enabled and a password is provided that is listed in it, the 204 response includes the header 'isv-dictionary-policy' with the value: 'WARNGLOBAL'.
If custom password intelligence prevention is enabled and a password is provided that is listed in it, the 400 response can include the header 'isv-dictionary-policy' with the value: 'ENFORCELOCAL'. The corresponding error status is 'PWD_IN_DICTIONARY'.
If X-Force password intelligence prevention is enabled and a password is provided that is listed in it, the 400 response can include the header 'isv-dictionary-policy' with the value: 'ENFORCEGLOBAL'. The corresponding error status is 'PWD_IN_GLOBAL_DICTIONARY'.

Query Params

themeId

string

The identifier of the theme that you want to apply.

Body Params

The body for the change password operation.

schemas

array of strings

required

An array of strings that contain the URIs that are used to indicate the namespaces of the SCIM schemas that define the attributes in the current JSON structure. The schema URIs must be "urn:ietf:params:scim:schemas:ibm:core:2.0:ChangePassword" and "urn:ietf:params:scim:schemas:extension:ibm:2.0:Notification" as required by the SCIM specification.

schemas*

currentPassword

string

required

Specifies the user's existing password.If the password contains extended ASCII characters then you must add charset=utf-8 in the Content-Type header when making a REST API call.

newPassword

string

required

Specifies the new password that was set by the user.If the password contains extended ASCII characters then you must add charset=utf-8 in the Content-Type header when making a REST API call.Cannot begin with the > character and end with the < character.

urn:ietf:params:scim:schemas:extension:ibm:2.0:Notification

object

Responses

204

No Content.

Language

URL


xxxxxxxxxx
1
curl --request POST \
2
     --url https://tenant_url/v2.0/Me/password \
3
     --header 'accept: application/json' \
4
     --header 'content-type: application/scim+json'

Choose an example:

application/scim+json

400The request was incorrect.

403Forbidden.

404Not found.

500An internal server error occurred.