content/operate/rs/references/rest-api/requests/users/password.md
| Method | Path | Description |
|---|---|---|
| PUT | /v1/users/password | Replace passwords |
| POST | /v1/users/password | Add a new password |
| DELETE | /v1/users/password | Delete a password |
PUT /v1/users/password
Replaces the password list of the specified user with a single new password. If a username is not provided in the JSON request body, it replaces the password list of the authenticated user making this request instead.
PUT /v1/users/password
{
"username": "The username of the affected user. If missing, default to the authenticated user.",
"new_password": "the new (single) password"
}
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
The request must contain a JSON object with the following fields:
| Field | Type | Description |
|---|---|---|
| username | string | (Optional) The username of the affected user. If missing, defaults to the authenticated user. |
| new_password | string | The new password (required) |
Returns a status code to indicate password update success or failure.
When errors are reported, the server may return a JSON object with
error_code and message fields that provide additional information.
The following are possible error_code values:
| Code | Description |
|---|---|
| password_not_complex | The given password is not complex enough (Only work when the password_complexity feature is enabled). |
| new_password_same_as_current | The given new password is identical to one of the already existing passwords. |
| user_not_exist | User does not exist. |
| unauthorized_action | Updating another user's password is acceptable by an admin user only. |
| Code | Description |
|---|---|
| 200 OK | Success, password changed. |
| 400 Bad Request | Bad or missing parameters. |
| 401 Unauthorized | The user is unauthorized. |
| 403 Forbidden | Insufficient privileges. |
| 404 Not Found | User not found. |
POST /v1/users/password
Adds a new password to the specified user's password list. If a username is not provided in the JSON request body, it adds the password to the password list of the authenticated user making this request instead.
POST /v1/users/password
{
"username": "The username of the affected user. If missing, default to the authenticated user.",
"new_password": "a password to add"
}
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
The request must contain a JSON object with the following fields:
| Field | Type | Description |
|---|---|---|
| username | string | (Optional) The username of the affected user. If missing, defaults to the authenticated user. |
| new_password | string | New password to add (required) |
Returns a status code to indicate password creation success or failure. If an error occurs, the response body may include a more specific error code and message.
When errors are reported, the server may return a JSON object with
error_code and message fields that provide additional information.
The following are possible error_code values:
| Code | Description |
|---|---|
| password_not_complex | The given password is not complex enough (Only work when the password_complexity feature is enabled). |
| new_password_same_as_current | The given new password is identical to one of the already existing passwords. |
| user_not_exist | User does not exist. |
| unauthorized_action | Updating another user's password is acceptable by an admin user only. |
| Code | Description |
|---|---|
| 200 OK | Success, new password was added to the list of valid passwords. |
| 400 Bad Request | Bad or missing parameters. |
| 401 Unauthorized | The user is unauthorized. |
| 403 Forbidden | Insufficient privileges. |
| 404 Not Found | User not found. |
DELETE /v1/users/password
Deletes a password from the specified user's password list. If a username is not provided in the JSON request body, it deletes the password from the password list of the authenticated user making this request instead.
DELETE /v1/users/password
{
"username": "The username of the affected user. If missing, default to the authenticated user.",
"old_password": "an existing password to delete"
}
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
The request must contain a JSON object with the following fields:
| Field | Type | Description |
|---|---|---|
| username | string | (Optional) The username of the affected user. If missing, defaults to the authenticated user. |
| old_password | string | Existing password to be deleted (required) |
When errors are reported, the server may return a JSON object with
error_code and message fields that provide additional information.
The following are possible error_code values:
| Code | Description |
|---|---|
| cannot_delete_last_password | Cannot delete the last password of a user. |
| user_not_exist | User does not exist. |
| unauthorized_action | Updating another user's password is acceptable by an admin user only. |
| Code | Description |
|---|---|
| 200 OK | Success, new password was deleted from the list of valid passwords. |
| 400 Bad Request | Bad or missing parameters. |
| 401 Unauthorized | The user is unauthorized. |
| 403 Forbidden | Insufficient privileges. |
| 404 Not Found | User not found. |