We have developed our own mobile application using IBM Worklight, which interfaces with Maximo. Currently, all users have to have a Maximo account that is setup with a default password when created. When the mobile user logs in to the app, their credentials are verified with Maximo and access is granted / denied as appropriate.
What I want to do is force the user to change their password (from the mobile app) when they first login and then every (x) number of days thereafter.
Does anyone know if there is an existing service / method that can be invoked to do this? (which would be my preferred method).
I know that the users password is stored in the database as an encrypted string and, if it was possible to replicate the same encryption method, I could just overwrite the existing string with the new one. But, what is the encryption method used and how has it been implemented?
Any advice / info is most welcome.
Many thanks, Chris.
Does anyone know if there is an existing service / method that can be invoked to do this? (which would be my preferred method).
There is nothing in Worklight/MobileFirst to do this for you. If this is what you want to do, you need to write your own custom logic (custom authenticator): https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/7.1/authentication-security/custom-authentication/
I know that the users password is stored in the database as an encrypted string and, if it was possible to replicate the same encryption method, I could just overwrite the existing string with the new one. But, what is the encryption method used and how has it been implemented?
It is unclear to which encryption method you are talking about. Worklight/MobileFirst by default does encrypt anything in the database, so it sounds like this is custom Maximo behavior. You may want to contact Maximo support by opening a PMR...