This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

what all attribute permissions are needed to set the user password by calling SSPR rest API.

Hi, we have a requirement to reset the password by calling SSPR rest API, we tried to reset it via Soap UI tool, but we are getting error, you do not have sufficient rights. what all rights are needed to reset the user password.

SSPR Version:-4.3.0.5

Edir Version:-9.1.4

API:-/sspr/public/rest/randompassword

Request:-

{
"username": "testuser005",
"strength": 100,
"minLength": 8,
"chars": "AbcDdpiwmenmnDETKDN@!@#1234567890"
}

Response:-

{
"error": true,
"errorCode": 5027,
"errorMessage": "You do not have permission to perform the requested action."
}

Proxy user:-ssprproxyUser

This user already has the rights.

  • Set following rights to root container with Inherit checked:
    • Browse rights to [Entry Rights]
    • Read and Compare rights to the following attributes
      • pwmResponseSet
      • Configured Naming (CN)
      • Login Disabled
      • Login Time
    • Read, Compare, and Write rights to following attribute
      • objectClass,
      • Password Management
      • pwmEventLog
      • pwmToken
      • pwmLastPwdUpdate
      • Locked By Intruder
      • Login Intruder Attempts
      • Login Intruder Reset Time
      • hnsacctstatuschangeddate

SSPR Logs are in attachment.

ssprproxyuser is able to reset the password of the users using iManager.