I want to update wso2 identity server user password from an API endpoint. My scenario is when i click password reset button from my application, the given password should be updated in the WSO2IS. Is it possible to do.
You can do that by a PATCH request to SCIM2 endpoints. The following Curl command is to reset the password of a user by the admin. (use /scim2/Users/<user-id>
and add the authorization header <base64 encoded username:password of admin>
) (Refer: https://is.docs.wso2.com/en/latest/develop/scim2-rest-apis/#/Users%20Endpoint/patchUser)
If the reset is done by the same user, you can use /scim2/Me
endpoint (Refer: https://is.docs.wso2.com/en/latest/develop/scim2-rest-apis/#/Me%20Endpoint/patchUserMe) . Then the authorization header should contain the particular user's credentials or valid access token.
curl --location --request PATCH 'https://localhost:9443/scim2/Users/<user-id>' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Content-Type: application/json' \
--data-raw '{
"Operations": [
{
"op": "replace",
"value": {
"password": "newpassword"
}
}
],
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
]
}'