Set user password via API

  • 1
  • Problem
  • Updated 3 months ago
  • (Edited)
I'm having trouble adding a user with a set password and allowing that client user to access the site. If I get the email to view the folder with the user and I reset the password it does work but not the password i'm setting in the API. I'm using the github wrapper for C# and code is below.

...
var userItem = userEntity.Create(user, false, false, false, true, false).Execute();
var pwd = Password.PasswordGenerator.GeneratePassword(true, true, true, false, false, 12); //creates a password that meets requirements
var userRoles = new List>();
userRoles.Add(new SafeEnum { Enum = UserRole.CanChangePassword, Value = "false" });
userRoles.Add(new SafeEnum { Enum = UserRole.CanManageMySettings, Value = "false" });
userItem = userEntity.Update(userEntity.GetEntityUriFromId(userItem.Id), new User { Password = pwd, IsConfirmed = true, Security = new UserSecurity { ForcePasswordChange = false }, Roles = userRoles }).Execute();
...

Nothing in the code throws an error, but it doesn't appear to do anything to update the user and set their password or roles. I've tried variations of adding the password first on the create and it didn't work either.

Thanks!
Photo of Andrew Schreiner

Andrew Schreiner

  • 3 Posts
  • 0 Reply Likes

Posted 3 years ago

  • 1
Photo of Dale Smith

Dale Smith, Software Engineer

  • 181 Posts
  • 23 Reply Likes
Hi Andrew,

You cannot update the password via User.Update. It can only be set either through the Create method or by explicitly calling the User.ResetPassword method. 

In your example you could do:

var resetPassword = new ResetPasswordObject { OldPassword = "old", NewPassword = pwd};
var response = userEntity.ResetPassword(userEntity.GetEntityUriFromId(userItem.Id), resetPassword).Execute();

If you are calling in the context of an admin, then you do not need to provide the old password. Documentation can be found here: https://api.sharefile.com/rest/docs/resource.aspx?name=Users under the ResetPassword section.

Hope this helps,
Dale Smith
Photo of Rahul Singh

Rahul Singh

  • 1 Post
  • 0 Reply Likes
Hi Dale, how do we call this api in the context of admin?
Photo of Andrew Schreiner

Andrew Schreiner

  • 3 Posts
  • 0 Reply Likes
Hi Dale,

This piece doesn't seem to work

var resetPassword = new ResetPasswordObject { OldPassword = "old", NewPassword = pwd };
var response = userEntity.ResetPassword(userEntity.GetEntityUriFromId(userItem.Id), resetPassword).Execute();

I've also changed my code to set the password in the user object I pass into the create entry and it still doesn't allow that user to log in. I'm deleting the user and readding just to be sure in the code as well.

var pwd = Password.PasswordGenerator.GeneratePassword(true, true, true, false, false, 12);
user.Preferences = new UserPreferences { CanResetPassword = false, CanViewMySettings = false, IsResetSecurityQuestionRequired = false, NotifyOnDownloadByDefault = false, NotifyOnUploadByDefault = false, IsSharedUserAccount = true };
user.Password = pwd;
user.IsConfirmed = true;
var userItem = userEntity.Create(user, false, false, false, true, false).Execute();
Photo of Dale Smith

Dale Smith, Software Engineer

  • 181 Posts
  • 23 Reply Likes
What exactly about the ResetPassword endpoint isn't working?

Also, I don't believe we allow a user to be confirmed via the IsConfirmed flag. I believe for external applications, we only allow the user to confirm through webpop. So that could be throwing a wrench into the process. 
Photo of Andrew Schreiner

Andrew Schreiner

  • 3 Posts
  • 0 Reply Likes
Hi Dale,

The ResetPasswordObject itself doesn't exist. It was looking for on ODataObject which looks like:

public class ODataObject
{
public ODataObject();

//
// Summary:
// Object Identifier
public string Id { get; set; }
//
// Summary:
// ODATA Metadata information about the model instance
[JsonProperty(PropertyName = "odata.metadata")]
public string MetadataUrl { get; set; }
public Uri url { get; set; }
[JsonProperty(PropertyName = "odata.type")]
public string __type { get; set; }

public virtual void Copy(ODataObject source, JsonSerializer serializer);
}