Idea Details

Portal API to support creating an active user and setting their password

Last activity 6 days ago
Mark ODonohue's profile image
06-19-2018 09:22 PM

The Current API Portal 4.2 allows Portal API call to create a user.   But it is not possible to enable the user, or to set their initial password.  These currently have to be done via the email and user link work flow. 


The customer would like an enhancement to be able to create the user in an enabled state and to be able to set their initial password. 


Here are samples of the current calls and result from the failed change password attempt by admin: 



1. Create new developer and associate to organization created
curl --insecure -H "Content-Type:application/json" -H "Authorization: bearer xxxx-***" -X POST -d '{
"Uuid": "***-xx-xx-xx",
"FirstName": "org",
"LastName": "dev",
"Username": "orgdevnew",
"Email": "",
"RoleUuid": "00000006-0006-0006-0006-000000000006",
"OrganizationUuid": "xx-xx-xx",
"ChangePassword": false,
"OldPassword": null,
"NewPassword": "password",
"NotifyUser": false,
"Status": "ENABLED",
"Locale": "en"
}' https://apim-ssg.***.xx:9443/portal/Users


2. Update newly created developer with password (PUT API is failing here)

curl --insecure -H "Content-Type:application/json" -H "Authorization: bearer xx-xx-xx-xx" -X PUT -d '{
"Uuid": "***-***-***",
"ChangePassword": true,
"Email": "",
"NewPassword": "XXXX",
"FirstName": "org",
"OldPassword": "XXXX",
"Username": "orgdevnew",
"LastName": "dev",
"RoleUuid": "00000006-0006-0006-0006-000000000006",
"Status": "ENABLED",
"RoleType": "EXTERNAL"
}' "https://apim-ssg.***.xx:9443/portal/Users('{752b873b-41f3-4b9b-8aba-b056cab982e5}')"

"error": {
"code": "ServerErrorException",
"message": {
"lang": "en-US",
"value": "Internal Server Error"


07-10-2018 06:37 PM

Dear Mark,

It's not just because the random password, as per my test, even we know the correct password, we still fail to reset the password.

I would guess it's by current design, the PAPI doesn't allow resetting password.


That would raise a question, if customer wants to use a custom portal, they would not be able to set/change password.




07-04-2018 02:11 AM

Just some extra notes :

Yes it would be nice for Admin user to be able to create & activate a user and re-set the users password from the API. 


The PUT API fails because the old password is incorrect. 

The failure of the PUT API for changePassword is apparently because the OldPassword: does not match as on creation the password & pwd salt value are set to random values. 


It really should be possible for an Admin user to reset a users password without the Admin knowing the original users password. 


No menu option for Admin user to change users password either.  

Checking the Portal Admin menu as well and it seems the Admin user does not have the ability to reset a users password - maybe I missed something - but seems this  (or at least some feature to send out some email to allow the user to reset their own password) be a feature that would be needed.


Cheers - Mark 

06-25-2018 11:02 AM

It would be great in 3.5 also !!!

New user (with password) and new organization.

Currently (in 3.5), it can only be done manually and one-by-one in the CMS/admin area.

No way to do bulk loading of users and organizations.