Change password

Description

This service allows a currently logged-in party (e.g., a person, company, or physical location) to change their password.

Request

Restrictions

This service requires an authenticated user and can only be called when a party is logged in.

Endpoint

This service can be called on a Person, Physical Location, or Company entity.

PUT https://<server-url>/api/v4/person/passwordchange
PUT https://<server-url>/api/v4/physicallocation/passwordchange
PUT https://<server-url>/api/v4/company/passwordchange

Parameters

Parameter
Location
Description

touchpoint

Query / Header

The identifier for the touchpoint. Use Thalamus-Touchpoint for the header.

token

Query / Header

The authentication token for the API session. Use Thalamus-Token for the header.

activity

Query / Header

Optional. The activity to be used. Use Thalamus-Activity for the header.

oldPasswordRequired

Query

Optional. A boolean (true or false). Indicates if the oldpassword field is required in the request body. Only applicable for specially configured touchpoints.

Content-Type

Header

Specifies the content type of the request body. Must be application/json.

Full URL Example

https://<server-url>/api/v4/person/passwordchange?oldPasswordRequired=true&touchpoint=test&token=...

Request Body

The request body must contain the user's current password and the new password for confirmation.

Field
Type
Description

oldpassword

String

The user's current password. May be optional depending on the oldPasswordRequired parameter.

newPassword

String

The new password chosen by the user.

confirmNewPassword

String

The new password repeated for confirmation.

JSON

{
  "oldpassword": "current-password-123",
  "newPassword": "new-strong-password-456",
  "confirmNewPassword": "new-strong-password-456"
}

Response

✅ Successful Response: 200 OK

The password was successfully changed. The party remains logged in, and the response returns the current session context.

JSON

{
  "context": {
    "links": [
      {
        "ref": "home",
        "href": "http://localhost:8080/thalamus/api/v4/people/home"
      }
    ],
    "activities": [
      {
        "code": "EMileage",
        "name": "E Mileage"
      }
    ],
    "simpleProfile": {
      "firstname": "user I",
      "lastname": "lopez",
      "email": "[email protected]"
    }
  }
}

❌ Unsuccessful Response: 400 Bad Request

Returned if the old password does not match, or if the new password does not meet the required format or complexity rules.

JSON

{
  "errors": {
    "oldPassword": "NotMatch",
    "partyCredential.plainPassword": "InvalidPassword"
  }
}
PreviousLogoutNextCurrently logged user

Last updated

Was this helpful?