REST API for OTP Forgot Password in Oracle Access Manager

Update the configuration for otpforgotpassword

put

/iam/admin/access/api/v1/config/otpforgotpassword

This REST API tells lets admin configure otpforgotpassword feature in OAM and whether the default login page has the link to the forgot password page. It also has the exact forgotpassword page url. Note that to enable this feature the OAAM needs to be enabled in OAM

Request

The configuration for forgotpassword link request object

Root Schema : ConfigureForgotPasswordLinkRequest

Type: object

Show Source

customWebRoot(optional): string

This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion.
defaultOTPForgotPasswordLink(optional): boolean

Whether to use OOTB default OTP forgot password page for user to change his password. f this is specified as true, then the next forgotpasswordURL value is ignored.
displayOTPForgotPassworLink(optional): boolean

Whether to show the OTP forgot password link on OAM or not. If its specified as false, all the other values in the request object are ignored.
errorLevel(optional): string

This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external and default value is internal.
forgotPasswordURL(optional): string

This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server
localtoOAMServer(optional): boolean

whether the forgot password URL is local to OAM server or at a different location.
mode(optional): string

This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3) userselectchallenge -- otp will be sent to user, based on user selecting one of masked display challenges. 4) userchoose -- otp will be sent to user, based on selection of email or sms keywords. 5)totp -- time based otp coming from application installed on user's device

{
    "type":"object",
    "properties":{
        "displayOTPForgotPassworLink":{
            "type":"boolean",
            "description":"Whether to show the OTP forgot password link on OAM or not. If its specified as false, all the other values in the request object are ignored."
        },
        "defaultOTPForgotPasswordLink":{
            "type":"boolean",
            "description":"Whether to use OOTB default OTP forgot password page for user to change his password. f this is specified as true, then the next forgotpasswordURL value is ignored."
        },
        "localtoOAMServer":{
            "type":"boolean",
            "description":"whether the forgot password URL is local to OAM server or at a different location."
        },
        "forgotPasswordURL":{
            "type":"string",
            "description":"This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server"
        },
        "mode":{
            "type":"string",
            "description":"This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3) userselectchallenge -- otp will be sent to user, based on user selecting one of  masked display challenges. 4) userchoose -- otp will be sent to user, based on selection of email or  sms keywords. 5)totp -- time based otp coming from application installed on user's device"
        },
        "errorLevel":{
            "type":"string",
            "description":"This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external and default value is internal."
        },
        "customWebRoot":{
            "type":"string",
            "description":"This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion. "
        }
    }
}

Response

Supported Media Types

application/json

200 Response

The OTP forgot password configuration is updated successfully

Root Schema : ConfigureForgotPasswordLinkResponse

Type: object

Show Source

customWebRoot(optional): string

This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion.
displayOTPForgotPasswordLink(optional): boolean

Whether to show the OTP forgot password link on OAM or not. If its specified as false, the value for the forgotPasswordURL is not used and the link is not showed on the OAM default login page.
errorLevel(optional): string

This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external.
forgotPasswordURL(optional): string

This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server
mode(optional): string

This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3)userselectchallenge -- otp will be sent to user, based on user selecting one of masked display challenges. 4)userchoose -- otp will be sent to user, based on selection of email or sms keywords. 5)totp -- time based otp generated in user's device.

{
    "type":"object",
    "properties":{
        "displayOTPForgotPasswordLink":{
            "type":"boolean",
            "description":"Whether to show the OTP forgot password link on OAM or not. If its specified as false, the value for the forgotPasswordURL is not used and the link is not showed on the OAM default login page."
        },
        "forgotPasswordURL":{
            "type":"string",
            "description":"This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server"
        },
        "mode":{
            "type":"string",
            "description":"This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3)userselectchallenge -- otp will be sent to user, based on user selecting one of  masked display challenges. 4)userchoose -- otp will be sent to user, based on selection of email or  sms keywords. 5)totp -- time based otp generated in user's device."
        },
        "errorLevel":{
            "type":"string",
            "description":"This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external."
        },
        "customWebRoot":{
            "type":"string",
            "description":"This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion. "
        }
    }
}

401 Response

Unauthorized

500 Response

Internal Server Error

Examples

This example demonstrates the method to enable the OTP forgot password link on the default login page in OAM.

Example of the Response Headers

curl -X PUT http://hostname:port/oam/services/rest/access/api/v1/config/otpforgotpassword/ 
-H 'authorization: Basic d2VibG9naWM6d2VsY29tZTE=' 
-H 'content-type: application/json' 
-d '{"displayOTPForgotPassworLink":"true","defaultOTPForgotPasswordLink":"false","localToOAMServer":"true",
"forgotPasswordURL":"/otpfp/pages/otpforgotpassword.jsp", "mode":"userselectchallenge"}'

Example of the Response Body

The following example shows the contents of the response body.

{
    "displayOTPForgotPasswordLink": true,
    "errorLevelInternal": false,
    "forgotPasswordURL": "/otpfp/pages/otpforgotpassword.jsp",
    "mode": "userselectchallenge"
}