Overview

To reset a user’s password, you can send an HTTP PUT request to the user’s URL with a JSON object containing a password property with the new password value. On success, the server will respond with an HTTP 201 status.

Note that you are not limited to updating one property at a time; all fields may be updated in a single request. All fields not specified will retain their value.

Example

This example shows the request-response sequence when changing a user’s password.

Request
PUT /dc/api/v5/users/8d7a97a97a92efd18dcbc12876a4510e HTTP/1.1
Host: api.digitalchalk.com
Content-type: application/json
Accept: application/json

{
	"password": "newpassword123"
}
Response
HTTP/1.1 204 No Content
Content-length: 0

Failure Cases

Below is a list of the most common failure scenarios your code should be prepared to handle. This list is not exhaustive.

Password validation

Currently, DigitalChalk requires user accounts to have passwords between 6 and 64 characters in length with at least one letter and one number present in the password. However, you should be prepared to handle a password validation failure in order to be forward-compatible with any future changes in password/security policies.

In the following example, an attempt is made to specify a password which does not meet the minimum length requirement. The validation step will reject the password, return a response with an HTTP 400 status, and provide a description of the problem in the fieldErrors property.

Request
PUT /dc/api/v5/users/8d7a97a97a92efd18dcbc12876a4510e HTTP/1.1
Host: api.digitalchalk.com
Content-type: application/json
Accept: application/json

{
	"password": "SFbay", 
}
Response
HTTP/1.1 400 Bad Request
Content-type: application/json
Content-length: 210

{
	"fieldErrors" : {
		"password" : "The new password must be at least 6 characters in length, contain only letters and numbers, and contain at least one letter and one number"
	}
}

Reference