Skip to content

Instantly share code, notes, and snippets.

@dolph
Last active Dec 29, 2015
Embed
What would you like to do?

Password change operations

Administrative password reset

This applies to both lost and compromised passwords.

Example:

PATCH /users/{user_id}
{"user": {"password": "new-password"}}

Consequences:

  • Token revocation event immediately emmitted
  • New password immediately takes effect
  • All old passwords are immediately expired

User self-service password change

Example:

POST /users/{user_id}/password
{"user": {"original_password": "old-password", "password": "new-password"}}

Consequences:

  • New password immediately takes effect
  • A revocation event is emitted and the old password no longer works

User self-service password rotation

Example:

POST /users/{user_id}/OS-PW-ROTATE/password
{"user": {"original_password": "old-password", "password": "new-password"}}

Consequences:

  • New password immediately takes effect
  • The old password is still available for the duration of the deployer-defined grace period (and no revocation events are ever emitted)

Expire old passwords:

DELETE /users/{user_id}/OS-PW-ROTATE/old_passwords
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment