Force Password Update by Email When Expired API
When calling the password login API, if the password has expired or is about to expire, and the user changes the password via email verification code, call this API.
Request Description
Request Headers
| Parameter Name | Name | Required | Type | Description |
|---|---|---|---|---|
| X-operating-sys-version | Caller operating system version | Yes | String | windows10.1.1 |
| X-device-fingerprint | Caller device fingerprint | Yes | String | 156aysdna213sc50 |
| X-device-ip | Caller IP | No | String | 192.168.1.2 |
| X-agent | User-Agent information | Yes | String | Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15(KHTML, like Gecko) Mobile/15E148/HuaWei-AnyOffice/2.6.1802.0010/com.huawei.cloudlink.workplace |
| X-L | Used for internationalization language setting | No | String | zh |
| X-client-id | Application authorization ID | Yes | String | nTo1eRIub60vPb54WeE6aojPwYwImtl4 |
| X-state-token | Temporary token | Yes | String | eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZW1... |
Request Example
json
{
"verify_code": "1234",
"new_password": "P@ssw0rd123"
}Request Parameters
| Parameter Name | Name | Required | Type | Description |
|---|---|---|---|---|
| verify_code | Email verification code | Yes | String | Received verification code To obtain the verification code, see Send Email Verification Code API type = CHANGE_PWD_EMS |
| new_password | New password | Yes | String | New password to set |
Response Example
Success Example
HTTP/1.1 200 OK
json
{
"status": "SUCCESS",
"expire": 43200,
"session_token": "LGTiTNVDFPlpefV3F3Hla7RUFTqInsqa",
"id_token": "eyJraWQiOiJrMSIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJJc3N1ZXIiLCJhdWQiOiJBdWRpZW5jZSIsImV4cCI6MTY1MzQ4NDQxMiwianRpIjoieUxSVGZXY1VkYk9PeUFpbHdZU0ZqZyIsImlhdCI6MTY1MzQ2NjQxMiwibmJmIjoxNjUzNDY2MjkyLCJzdWIiOiJzdWJqZWN0IiwiYXBpIjoie1wibmFtZVwiOlwiXCIsXCJtb2JpbGVcIjpcIis4Ni0xNTkwNzEzMjg1MlwiLFwiaWRcIjpcIjIwMjIwNDI1MTQwMTM4NTE5LUJGMUItNTI4QjA1NTFCXCIsXCJ1c2VyTmFtZVwiOlwibG91eGlcIixcImVtYWlsXCI6XCIxMUBxcS5jb21cIn0ifQ.al79knH1fKa4aT4AFr_FMjqBKu2pV_g-lKzzgHzmor5X-dHwSBUtjH38KOzjIqHvkcRMjXQuBnWmjRI7-0Djn2LuWVueaf3wRXLscCWiSDC7chjUyTRXMatYINxdvW-oSWFYGFqqbdsavLqOnvehd7ahEaTuiL9yZolvslZIkIxjxBJJu7A9Ln2sk3wf9pxXU83jIJ8ubPQBoVS-ilerTTJOKDZ9XsL2ftJsaqdTJK_mYbvKaVpLIVyHHJ2NcF6f-Al4N4kc8cgxtSgSKFDcR7Bz7dYlOcfUXCPAzJ3NZInm8UaksiWU02tvlvTRvRdoxZNnvD5vamZ5hjFc-cW5jA"
}Error Example
HTTP/1.1 400 Bad Request
json
{
"error_code": "SDK.COMMON.1001",
"error_msg": "Parameter X-client-id cannot be left blank."
}Response Parameters
| Parameter Name | Name | Type | Description |
|---|---|---|---|
| status | Return result | String | Possible values for this field SUCCESS Login successful |
| expire | session_token validity period | Number | Validity period of session_token; within this period, session_token can be used to obtain a ticket |
| session_token | User session_token | String | User session_token; this token can be used to call BambooCloud IDaaS APIs to obtain a sso_ticket, which can be exchanged for user information |
| id_token | Short-term valid interface call credential | String | This field is a JWT containing user information and the application's scope information; it must be verified and parsed. Default validity is 2 hours and is configurable |