Password Reset Step 2 . Change password

Description

This service is the second and final step of the password reset process. It uses the token and principal that the party received in the password reset email.

The email contains a link similar to the following, which directs the user to a page where they can enter their new password:

HTML

<a href="https://www.yoursite.com?principal=${person.profile.principal}&token=${password.token}">Click Here for Resetting your password</a>

The landing page must capture the new password and submit all three values (token, principal, and the new password) to this service.

Request

Restrictions

This service can only be called when the party is not logged in.

Endpoint

This service can be called on a Person, Physical Location, or Company entity.

PUT https://<server-url>/api/v4/person/password
PUT https://<server-url>/api/v4/physicallocation/password
PUT https://<server-url>/api/v4/company/password

Parameters

Parameter

Location

Description

touchpoint

Query / Header

The identifier for the touchpoint making the request. If sent as a header, the name must be Thalamus-Touchpoint.

token

Query / Header

The authentication token for the API. If sent as a header, the name must be Thalamus-Token.

activity

Query / Header

Optional. The activity to be used. If sent as a header, the name must be Thalamus-Activity.

Content-Type

Header

Specifies the content type of the request body. Must be application/json.

Full URL Example

https://<server-url>/api/v4/person/password?touchpoint=test&token=testtesttesttesttesttesttesttesttesttesttesttesttesttesttesttest

Request Body

The body of the request must be a JSON object containing the password reset token, the new password, and the party's principal.

Field

Type

Description

token

String

The password reset token that was sent in the email link.

password

String

The new password entered by the user.

principal

String

The party's principal identifier, also from the email link.

JSON

{
  "token": "91fba4c4c5e09b4818112c6cedeb53ac",
  "password": "newPassword123",
  "principal": "1:27594535"
}

Response

✅ Successful Response: `200 OK`

The password has been successfully changed, and the party is now logged in. The response body contains the new session context.

JSON

{
  "context": {
    "links": [
      {
        "ref": "home",
        "href": "http://localhost:8080/thalamus/api/v4/people/home"
      },
      {
        "ref": "profile",
        "href": "http://localhost:8080/thalamus/api/v4/people/profile"
      },
      {
        "ref": "consumer",
        "href": "http://localhost:8080/thalamus/api/v4/people/consumer"
      }
    ],
    "activities": [
      {
        "links": [],
        "code": "EMileage",
        "name": "E Mileage",
        "message": "E Mileage. You can accumulate points by introducing the codes printed on E packs. Then you can trade those points for items in our catalogue. You will participate in raffle at the end of the activity. You can up-load your codes using your smartphone, our web page, SMS or iPad.",
        "type": "GENERIC"
      }
    ],
    "simpleProfile": {
      "firstname": "user I",
      "lastname": "lopez",
      "email": "[email protected]"
    }
  }
}

❌ Unsuccessful Response: `400 Bad Request`

Returned if the provided token, principal, or new password is invalid or does not meet requirements.

JSON

{
  "errors": {
    "token": "InvalidToken",
    "partyCredential.plainPassword": "InvalidPassword",
    "principal": "InvalidPrincipal"
  }
}

PreviousPassword Reset Step 1 . Request email NextPerson management

Last updated 4 months ago

Was this helpful?

Good night

hashtagDescription

hashtagRequest

hashtagRestrictions

hashtagEndpoint

hashtagParameters

hashtagFull URL Example

hashtagRequest Body

hashtagResponse

hashtag✅ Successful Response: 200 OK

hashtag❌ Unsuccessful Response: 400 Bad Request

Description

Request

Restrictions

Endpoint

Parameters

Full URL Example

Request Body

Response

✅ Successful Response: `200 OK`

❌ Unsuccessful Response: `400 Bad Request`