Reset User Password

This use case describes how you use the Users resource to create users with a password and to reset user passwords when the user information is synchronized from an external Identity Management system.

• Set Password for a New User
• Reset Password for an Existing User

Set Password for a New User

Using the Users resource, you can create users with an initial clear-text password and the users would not receive a new user notification. For information about password policies, see Security Console documentation for the appropriate Oracle Applications Cloud service on Oracle Help Center.

Sample Request Payload

{
 "schemas":[
  "urn:scim:schemas:core:2.0:User"
 ],
 "name":{
  "familyName":"Jones",
  "givenName":"Kerry"
 },
 "active":true,
 "userName":"JONESK_OPERATIONS",
 "emails":[
  {
   "primary":true,
   "value":"J.K@oracle.com",
   "type":"W"
  }
 ],
 "displayName":"Kerry Jones",
 "externalId":"externalId12345:",
 "password":"Password1"
 }

If the new password for the user is successfully validated against the configured policies, the create user request is completed.

Sample Response Payload

{
  "id": "3DEC63ED61FD0863E050F00A081B15FF",
  "meta": {
    "created": "2016-10-20 12:36:21.000",
    "lastModified": "2016-10-20 12:36:21.076",
    "location": "https://servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users/3DEC63ED61FD0863E050F00A081B15FF"
  },
  "schemas": [
    "urn:scim:schemas:core:2.0:User"
  ],
  "externalId": "externalId12345:",
  "userName": "JONESK_OPERATIONS",
  "name": {
    "familyName": "Jones",
    "givenName": "Kerry"
  },
  "displayName": "Kerry Jones",
  "preferredLanguage": "en",
  "emails": [
    {
      "value": "J.K@oracle.com",
      "type": "W",
      "primary": true
    }
  ],
  "active": true

If the password validation fails, the create user request fails and the 400 response error message is returned.

Sample Response - Error Message

{
  "Errors": [
    {
      "description": "Invalid Password: does not meet password policy",
      "code": "400"
    }
  ]
}

Reset Password for an Existing User

Using SCIM Users resource, you can reset a user's password and the user would not receive a password reset confirmation.

1. Search for the user to reset the password and get the unique identifier of the user. Use cURL and eq filter parameter with the username field to query. In this example, queried user name is CUST_CONTRACT_MGR_OPERATIONS and the user id returned by the query is 5A25572D96277A00C0547E3A715EF682.

   curl -i -u "<username>:<password>" -X GET https://servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users?filter=username eq "CUST_CONTRACT_MGR_OPERATIONS"

   Sample Response Payload

   {
     "itemsPerPage": 1,
     "startIndex": 1,
     "Resources": [
       {
         "id": "5A25572D96277A00C0547E3A715EF682",
         "meta": {
           "created": "2009-05-25 00:00:00.000",
           "lastModified": "2015-12-14 10:15:48.291",
           "location": "https://servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users/5A25572D96277A00C0547E3A715EF682"
         },
         "schemas": [
           "urn:scim:schemas:core:2.0:User"
         ],
         "userName": "CUST_CONTRACT_MGR_OPERATIONS",
         "name": {
           "familyName": "Black",
           "givenName": "Sophie"
         },
         "displayName": "Sophie Black",
         "emails": [
           {
             "value": "CUST_CONTRACT_MGR_OPERATIONS@dummy.oracle.com",
             "type": "W",
             "primary": true
           }
         ],
         "roles": [
           {
             "id": "4EB6B72643872425B6BE573B531ABC6B",
             "value": "OKC_CUSTOMER_CONTRACT_MANAGER_VISION_OPERATIONS_DATA",
             "displayName": "Customer Contract Manager - Vision Operations",
             "description": "Customer Contract Manager for Vision Operations"
           },
           {
             "id": "40C4AE052EC2582286A6A0FB1514656C",
             "value": "ORA_PER_EMPLOYEE_ABSTRACT",
             "displayName": "Employee",
             "description": "Identifies the person as an employee."
           },
           {
             "id": "05E9F3576995F83E74EB3818FDCA8639",
             "value": "ORA_PER_LINE_MANAGER_ABSTRACT",
             "displayName": "Line Manager",
             "description": "Identifies the person as a line manager."
           }
         ],
         "active": true
       }
     ]
   }
   

2. Submit a PATCH request to reset the password for the user. In this example, update the password for 5A25572D96277A00C0547E3A715EF682 user id using cURL.

   curl -i -u "<username>:<password>"  -H "Content-Type: application/json"  -X PATCH  
   -d {
   "schemas":[
         "urn:scim:schemas:core:2.0:User"
        ],
     "password":"Password1"
   }
   https:// servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users/5A25572D96277A00C0547E3A715EF682
   

Bulk Operation on Reset Password

Using Bulk resource, you can reset password for multiple users in a single operation. Search for the users, get their unique identifiers, and then submit a bulk PATCH request to reset password for the queried users.

Sample Request Payload

{
 "Operations":[
  {
           "method":"PATCH",
           "path":"/Users/3DEC63ED61FD0863E050F00A081B15FF",
           "bulkId":"clientBulkId1",
           "data":{
                 "schemas":[
                  "urn:scim:schemas:core:2.0:User"
                         ],
                 "password":"Password1"
                   }
   },
     {
               "method":"PATCH",
               "path":"/Users/3DEC63ED61FD0863E050F00A081B15EE",
               "bulkId":"clientBulkId1",
           "data":{
                 "schemas":[
                  "urn:scim:schemas:core:2.0:User"
                     ],
                 "password":"Password1"
                 }
     }
   ]
 }