Customer Identity (CIAM)
Force Password Change on Password Expiration
When calling the username and password login interface, if the password has expired or is about to expire, and the user chooses to change the password, call this interface.
# Request Description
POST https://{your_domain}/api/v2/sdk/pwd/update
# Request Headers
| Parameter Name | Chinese Name | Required | Type | Example |
|---|---|---|---|---|
| X-operating-sys-version | Caller Client Operating System Version | Yes | String | windows10.1.1 |
| X-device-fingerprint | Caller Client Device Fingerprint | Yes | String | 156aysdna213sc50 |
| X-device-ip | Caller Client IP | No | String | 192.168.1.2 |
| X-agent | User-Agent Information | Yes | String | Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) |
| X-L | For Internationalization Language Setting | No | String | zh |
| X-client-id | Application Authorization ID | Yes | String | nTo1eRIub60vPb54WeE6aojPwYwImtl4 |
| X-state-token | Temporary Token | Yes | String | eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1............................ |
| content-type | Content Format Type | Yes | String | application/json |
# Request Example
{
"old_password": "aaaaaa",
"new_password": "bbbbbb"
}
1
2
3
4
2
3
4
# Request Parameters
| Parameter Name | Chinese Name | Required | Type | Description |
|---|---|---|---|---|
| old_password | Old Password | Yes | String | User's old password |
| new_password | New Password | Yes | String | New password to set |
# Response Example
Success Example:
HTTP/1.1 200 OK
Content-Type: application/json
{
"status": "SUCCESS",
"expire": 43200,
"session_token": "LGTiTNVDFPlpefV3F3Hla7RUFTqInsqa",
"id_token": "eyJ0NiJ9.eyJ1cI6IjIifX0.DeWt4QuZXso"
}
Error Example:
HTTP/1.1 400 Bad Request
{
"error_code": "IDAAS.SDK.PARAM.0014",
"error_msg": "Invalid state token"
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# Response Parameters
| Parameter Name | Chinese Name | Type | Description |
|---|---|---|---|
| status | Return Result | String | Possible return values for this field are as follows: SUCCESS Login successful, ACCESS_DENIED Access denied |
| expire | session_token Validity Period | Number | session_token validity period, within which the session_token can be used to obtain a ticket |
| session_token | User session_token | String | User session_token, which can be used to call IDaaS interfaces to obtain sso_ticket, and sso_ticket can be exchanged for user information |
| id_token | Short-term valid, interface call token | String | This field is in JWT format and contains user identity information. Please refer to Obtain User Information from id_token to get user information. The token validity period defaults to 5 minutes and is configurable. |
# Error Codes
| Status Code | Error Code | Error Message | Action |
|---|---|---|---|
| 400 | IDAAS.SDK.PARAM.0001 | Device information is incomplete | Please check if the input device information is complete |
| 设备信息不完整 | |||
| 400 | IDAAS.SDK.PARAM.0002 | clientId cannot be empty | Please check if the input clientId is empty |
| clientId不能为空 | |||
| 400 | IDAAS.SDK.PARAM.0003 | The app is not registered, please register the app first | Please check if the input clientId is correct |
| 应用未注册,请先注册应用 | |||
| 400 | IDAAS.SDK.PARAM.0013 | State token cannot be empty | Please check if the input temporary token is empty |
| 临时令牌不能为空 | |||
| 400 | IDAAS.SDK.PARAM.0014 | Invalid state token | Please check if the input temporary token is correct |
| 临时令牌无效 | |||
| 400 | IDAAS.SDK.PARAM.0018 | Original password cannot be empty | Please check if the input original password is empty |
| 原密码不能为空 | |||
| 400 | IDAAS.SDK.PARAM.0019 | New password cannot be empty | Please check if the input new password is empty |
| 新密码不能为空 | |||
| 400 | IDAAS.SDK.PARAM.0020 | The original password and the new password do not match | Please check if the input original password and new password are the same |
| 原密码和新密码不能一致 | |||
| 400 | IDAAS.SDK.LOGIN.0001 | User has been locked out due to multiple login failures. It will be unlocked in {0} minutes and {1} seconds | Please try again after unlocking |
| 由于多次登录失败,用户已被锁定。 它将在 {0} 分钟和 {1} 秒内解锁 | |||
| 400 | IDAAS.SDK.LOGIN.0002 | Invalid account or password. Remaining times: {0} | Please check if the input username or password is correct |
| 无效的账号或密码。 剩余次数:{0} | |||
| 400 | IDAAS.SDK.USER.0039 | User is disabled | Please contact the administrator |
| 用户已被禁用 | |||
| 400 | IDAAS.SDK.PWD.0001 | The password is used before, cannot be used again | Please re-enter the password |
| 不允许使用历史密码 | |||
| 400 | IDAAS.SDK.PWD.0002 | Password cannot username in reverse order | Please re-enter the password |
| 密码不允许使用用户名的倒写 | |||
| 400 | IDAAS.SDK.PWD.0003 | Password cannot contain :username, phone number, email prefix, name in PinYing | Please re-enter the password |
| 密码中不允许包含:用户名、手机号、邮箱前缀、姓名拼音 | |||
| 400 | IDAAS.SDK.PWD.0004 | Your password complexity is low, {0} | Please re-enter the password |
| 密码复杂度低,{0} | |||
| 400 | IDAAS.SDK.PWD.0005 | The password is weak | Please re-enter the password |
| 该密码为弱密码 | |||
| 400 | IDAAS.SDK.PWD.0006 | Number of character repeat in password should not exceed {0} | Please re-enter the password |
| 密码中最大字符重复数不能超过{0} | |||
| 400 | IDAAS.SDK.PWD.0007 | The password must contain {0} to {1} characters | Please re-enter the password |
| 密码长度为{0}~{1}个字符 |