Reset User Password
This use case describes how you use the Users resource to create users with a password and to reset user passwords when the user information is synchronized from an external Identity Management system.
Set Password for a New User
Using the Users resource, you can create users with an initial clear-text password and the users would not receive a new user notification. For information about password policies, see Security Console documentation for the appropriate Oracle Applications Cloud service on Oracle Help Center.
Sample Request Payload
{
"schemas":[
"urn:scim:schemas:core:2.0:User"
],
"name":{
"familyName":"Jones",
"givenName":"Kerry"
},
"active":true,
"userName":"JONESK_OPERATIONS",
"emails":[
{
"primary":true,
"value":"J.K@oracle.com",
"type":"W"
}
],
"displayName":"Kerry Jones",
"externalId":"externalId12345:",
"password":"Password1"
}
If the new password for the user is successfully validated against the configured policies, the create user request is completed.
Sample Response Payload
{
"id": "3DEC63ED61FD0863E050F00A081B15FF",
"meta": {
"created": "2016-10-20 12:36:21.000",
"lastModified": "2016-10-20 12:36:21.076",
"location": "https://servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users/3DEC63ED61FD0863E050F00A081B15FF"
},
"schemas": [
"urn:scim:schemas:core:2.0:User"
],
"externalId": "externalId12345:",
"userName": "JONESK_OPERATIONS",
"name": {
"familyName": "Jones",
"givenName": "Kerry"
},
"displayName": "Kerry Jones",
"preferredLanguage": "en",
"emails": [
{
"value": "J.K@oracle.com",
"type": "W",
"primary": true
}
],
"active": true
If the password validation fails, the create user request fails and the 400 response error message is returned.
Sample Response - Error Message
{
"Errors": [
{
"description": "Invalid Password: does not meet password policy",
"code": "400"
}
]
}
Reset Password for an Existing User
Using SCIM Users resource, you can reset a user's password and the user would not receive a password reset confirmation.
- Search for the user to reset the password
and get the unique identifier of the user. Use cURL and
eq
filter parameter with theusername
field to query. In this example, queried user name isCUST_CONTRACT_MGR_OPERATIONS
and the user id returned by the query is5A25572D96277A00C0547E3A715EF682
.curl -i -u "<username>:<password>" -X GET https://servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users?filter=username eq "CUST_CONTRACT_MGR_OPERATIONS"
Sample Response Payload
{ "itemsPerPage": 1, "startIndex": 1, "Resources": [ { "id": "5A25572D96277A00C0547E3A715EF682", "meta": { "created": "2009-05-25 00:00:00.000", "lastModified": "2015-12-14 10:15:48.291", "location": "https://servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users/5A25572D96277A00C0547E3A715EF682" }, "schemas": [ "urn:scim:schemas:core:2.0:User" ], "userName": "CUST_CONTRACT_MGR_OPERATIONS", "name": { "familyName": "Black", "givenName": "Sophie" }, "displayName": "Sophie Black", "emails": [ { "value": "CUST_CONTRACT_MGR_OPERATIONS@dummy.oracle.com", "type": "W", "primary": true } ], "roles": [ { "id": "4EB6B72643872425B6BE573B531ABC6B", "value": "OKC_CUSTOMER_CONTRACT_MANAGER_VISION_OPERATIONS_DATA", "displayName": "Customer Contract Manager - Vision Operations", "description": "Customer Contract Manager for Vision Operations" }, { "id": "40C4AE052EC2582286A6A0FB1514656C", "value": "ORA_PER_EMPLOYEE_ABSTRACT", "displayName": "Employee", "description": "Identifies the person as an employee." }, { "id": "05E9F3576995F83E74EB3818FDCA8639", "value": "ORA_PER_LINE_MANAGER_ABSTRACT", "displayName": "Line Manager", "description": "Identifies the person as a line manager." } ], "active": true } ] }
-
Submit a PATCH request to reset the password for the user. In this example, update the password for
5A25572D96277A00C0547E3A715EF682
user id using cURL.curl -i -u "<username>:<password>" -H "Content-Type: application/json" -X PATCH -d { "schemas":[ "urn:scim:schemas:core:2.0:User" ], "password":"Password1" } https:// servername.fa.us2.oraclecloud.com/hcmRestApi/scim/Users/5A25572D96277A00C0547E3A715EF682
Bulk Operation on Reset Password
Using Bulk resource, you can reset password for multiple users in a single operation. Search for the users, get their unique identifiers, and then submit a bulk PATCH request to reset password for the queried users.
Sample Request Payload
{
"Operations":[
{
"method":"PATCH",
"path":"/Users/3DEC63ED61FD0863E050F00A081B15FF",
"bulkId":"clientBulkId1",
"data":{
"schemas":[
"urn:scim:schemas:core:2.0:User"
],
"password":"Password1"
}
},
{
"method":"PATCH",
"path":"/Users/3DEC63ED61FD0863E050F00A081B15EE",
"bulkId":"clientBulkId1",
"data":{
"schemas":[
"urn:scim:schemas:core:2.0:User"
],
"password":"Password1"
}
}
]
}