Reset a user's password.

Entitlement required: manageUserGroups (Manage users and groups), or manageAllUserGroups (Synchronize users and groups), or manageUserStandardGroups (Manage users and standard groups), or updateAnyUser (Update any user), or resetPasswordAnyUser (Reset password of any user), or manageUsers (Manage all users), or manageUsersInStandardGroups (Manage users in standard groups).
Note: You only need one entitlement, but you can have more than one.

When the password is reset, a notification is optionally sent to the user to indicate that a password reset was performed. The notification also includes the new temporary password for the user to log in to the system. When the user logs in, the user is prompted to change the password.

Passwords cannot be reset for federated users.

By default, the notification is sent by email, but this delivery selection can be overridden by the notifyType value in the notifications object.The email templates for branding are at "notifications/user_management/login/{locale}/user_password_reset_email.xml" and "notifications/user_management/login/{locale}/user_password_reset_not_show_email.xml". Pass in the themeId query parameter to brand the email templates for notifications. To turn off email notifications, send the notifications option "urn:ietf:params:scim:schemas:extension:ibm:2.0:Notification": {"notifyType":"NONE"} in the payload.

The password can be specified or auto-generated. For an auto-generated password, a notification is sent by email and cannot be overridden by the notifyType attribute. The notifyPassword value in the ResetPasswordOperationValue is ignored and the user's reset password is always included in a notification.

If custom password intelligence warning is enabled and a password is provided that is listed in it, the 204 response includes the header 'isv-dictionary-policy' with the value: 'WARNLOCAL'.
If X-Force password intelligence warning is enabled and a password is provided that is listed in it, the 204 response includes the header 'isv-dictionary-policy' with the value: 'WARNGLOBAL'.
If custom password intelligence prevention is enabled and a password is provided that is listed in it, the 400 response can include the header 'isv-dictionary-policy' with the value: 'ENFORCELOCAL'. The corresponding error status is 'PWD_IN_DICTIONARY'.
If X-Force password intelligence prevention is enabled and a password is provided that is listed in it, the 400 response can include the header 'isv-dictionary-policy' with the value: 'ENFORCEGLOBAL'. The corresponding error status is 'PWD_IN_GLOBAL_DICTIONARY'.