LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-09 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

adding docs back with new ids

Browse Source
This commit is contained in:
darrell-thobe-sp
2025-01-27 16:01:17 -05:00
parent 90087c5d3f
commit b4a279954e
2823 changed files with 130835 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

244
docs/tools/sdk/powershell/reference/v2024/Methods/V2024PasswordManagementApi.md Normal file
View File

@@ -0,0 +1,244 @@
---
id: v2024-password-management
title: PasswordManagement
pagination_label: PasswordManagement
sidebar_label: PasswordManagement
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordManagement']
slug: /tools/sdk/powershell/v2024/methods/password-management
tags: ['SDK', 'Software Development Kit', 'PasswordManagement']
---
# PasswordManagement
All URIs are relative to *https://sailpoint.api.identitynow.com/v2024*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2024DigitToken**](#create-digit-token) | **POST** `/generate-password-reset-token/digit` | Generate a digit token
[**Get-V2024PasswordChangeStatus**](#get-password-change-status) | **GET** `/password-change-status/{id}` | Get Password Change Request Status
[**Search-V2024PasswordInfo**](#query-password-info) | **POST** `/query-password-info` | Query Password Info
[**Set-V2024Password**](#set-password) | **POST** `/set-password` | Set Identity's Password
## create-digit-token
This API is used to generate a digit token for password management. Requires authorization scope of "idn:password-digit-token:create".
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | PasswordDigitTokenReset | [**PasswordDigitTokenReset**](../models/password-digit-token-reset) | True |
### Return type
[**PasswordDigitToken**](../models/password-digit-token)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The digit token for password management. | PasswordDigitToken
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$PasswordDigitTokenReset = @"{
"durationMinutes" : 5,
"length" : 8,
"userId" : "Abby.Smith"
}"@
# Generate a digit token
try {
$Result = ConvertFrom-JsonToPasswordDigitTokenReset -Json $PasswordDigitTokenReset
New-V2024DigitToken-V2024XSailPointExperimental $XSailPointExperimental -V2024PasswordDigitTokenReset $Result
# Below is a request that includes all optional parameters
# New-V2024DigitToken -V2024XSailPointExperimental $XSailPointExperimental -V2024PasswordDigitTokenReset $PasswordDigitTokenReset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2024DigitToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-change-status
This API returns the status of a password change request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Password change request ID
### Return type
[**PasswordStatus**](../models/password-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the password change request | PasswordStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "089899f13a8f4da7824996191587bab9" # String | Password change request ID
# Get Password Change Request Status
try {
Get-V2024PasswordChangeStatus-V2024Id $Id
# Below is a request that includes all optional parameters
# Get-V2024PasswordChangeStatus -V2024Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024PasswordChangeStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## query-password-info
This API is used to query password related information.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordInfoQueryDTO | [**PasswordInfoQueryDTO**](../models/password-info-query-dto) | True |
### Return type
[**PasswordInfo**](../models/password-info)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password info. | PasswordInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordInfoQueryDTO = @"{
"sourceName" : "My-AD",
"userName" : "Abby.Smith"
}"@
# Query Password Info
try {
$Result = ConvertFrom-JsonToPasswordInfoQueryDTO -Json $PasswordInfoQueryDTO
Search-V2024PasswordInfo-V2024PasswordInfoQueryDTO $Result
# Below is a request that includes all optional parameters
# Search-V2024PasswordInfo -V2024PasswordInfoQueryDTO $PasswordInfoQueryDTO
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-V2024PasswordInfo"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-password
This API is used to set a password for an identity.
An identity can change their own password (as well as any of their accounts' passwords) if they use a token generated by their ISC user, such as a [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) or ["authorization_code" derived OAuth token](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow).
>**Note: If you want to set an identity's source account password, you must enable `PASSWORD` as one of the source's features. You can use the [PATCH Source endpoint](https://developer.sailpoint.com/docs/api/v3/update-source) to add the `PASSWORD` feature.**
To generate the encryptedPassword (RSA encrypted using publicKey) for the request body, run the following command:
```bash
echo -n "myPassword" | openssl pkeyutl -encrypt -inkey public_key.pem -pubin | base64
```
In this example, myPassword is the plain text password being set and encrypted, and public_key.pem is the path to the public key file. You can retrieve the required publicKey, along with other information like identityId, sourceId, publicKeyId, accounts, and policies, using the Query Password Info endpoint.
To successfully run this command, you must have OpenSSL installed on your machine. If OpenSSL is unavailable, consider using the Virtual Appliance (VA), which has OpenSSL pre-installed and configured.
If you are using a Windows machine, refer to this [guide](https://tecadmin.net/install-openssl-on-windows/) for instructions on installing OpenSSL.
You can then use [Get Password Change Request Status](https://developer.sailpoint.com/idn/api/v3/get-password-change-status) to check the password change request status. To do so, you must provide the `requestId` from your earlier request to set the password.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordChangeRequest | [**PasswordChangeRequest**](../models/password-change-request) | True |
### Return type
[**PasswordChangeResponse**](../models/password-change-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Reference to the password change. | PasswordChangeResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordChangeRequest = @"{
"sourceId" : "8a807d4c73c545510173c545d4b60246",
"accountId" : "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com",
"identityId" : "8a807d4c73c545510173c545f0a002ff",
"publicKeyId" : "YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2",
"encryptedPassword" : "XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A=="
}"@
# Set Identity's Password
try {
$Result = ConvertFrom-JsonToPasswordChangeRequest -Json $PasswordChangeRequest
Set-V2024Password-V2024PasswordChangeRequest $Result
# Below is a request that includes all optional parameters
# Set-V2024Password -V2024PasswordChangeRequest $PasswordChangeRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2024Password"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)