Skip to content

Force Password Update by Email When Expired API

When calling the password login API, if the password has expired or is about to expire, and the user changes the password via email verification code, call this API.

Request Description

Request Headers

Parameter NameNameRequiredTypeDescription
X-operating-sys-versionCaller operating system versionYesStringwindows10.1.1
X-device-fingerprintCaller device fingerprintYesString156aysdna213sc50
X-device-ipCaller IPNoString192.168.1.2
X-agentUser-Agent informationYesStringMozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15(KHTML, like Gecko) Mobile/15E148/HuaWei-AnyOffice/2.6.1802.0010/com.huawei.cloudlink.workplace
X-LUsed for internationalization language settingNoStringzh
X-client-idApplication authorization IDYesStringnTo1eRIub60vPb54WeE6aojPwYwImtl4
X-state-tokenTemporary tokenYesStringeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZW1...

Request Example

json
{
    "verify_code": "1234",
    "new_password": "P@ssw0rd123"
}

Request Parameters

Parameter NameNameRequiredTypeDescription
verify_codeEmail verification codeYesStringReceived verification code
To obtain the verification code, see Send Email Verification Code API
type = CHANGE_PWD_EMS
new_passwordNew passwordYesStringNew password to set

Response Example

Success Example

HTTP/1.1 200 OK

json
{
  "status": "SUCCESS",
  "expire": 43200,
  "session_token": "LGTiTNVDFPlpefV3F3Hla7RUFTqInsqa",
  "id_token": "eyJraWQiOiJrMSIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJJc3N1ZXIiLCJhdWQiOiJBdWRpZW5jZSIsImV4cCI6MTY1MzQ4NDQxMiwianRpIjoieUxSVGZXY1VkYk9PeUFpbHdZU0ZqZyIsImlhdCI6MTY1MzQ2NjQxMiwibmJmIjoxNjUzNDY2MjkyLCJzdWIiOiJzdWJqZWN0IiwiYXBpIjoie1wibmFtZVwiOlwiXCIsXCJtb2JpbGVcIjpcIis4Ni0xNTkwNzEzMjg1MlwiLFwiaWRcIjpcIjIwMjIwNDI1MTQwMTM4NTE5LUJGMUItNTI4QjA1NTFCXCIsXCJ1c2VyTmFtZVwiOlwibG91eGlcIixcImVtYWlsXCI6XCIxMUBxcS5jb21cIn0ifQ.al79knH1fKa4aT4AFr_FMjqBKu2pV_g-lKzzgHzmor5X-dHwSBUtjH38KOzjIqHvkcRMjXQuBnWmjRI7-0Djn2LuWVueaf3wRXLscCWiSDC7chjUyTRXMatYINxdvW-oSWFYGFqqbdsavLqOnvehd7ahEaTuiL9yZolvslZIkIxjxBJJu7A9Ln2sk3wf9pxXU83jIJ8ubPQBoVS-ilerTTJOKDZ9XsL2ftJsaqdTJK_mYbvKaVpLIVyHHJ2NcF6f-Al4N4kc8cgxtSgSKFDcR7Bz7dYlOcfUXCPAzJ3NZInm8UaksiWU02tvlvTRvRdoxZNnvD5vamZ5hjFc-cW5jA"
}

Error Example

HTTP/1.1 400 Bad Request

json
{
    "error_code": "SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}

Response Parameters

Parameter NameNameTypeDescription
statusReturn resultStringPossible values for this field
SUCCESS Login successful
expiresession_token validity periodNumberValidity period of session_token; within this period, session_token can be used to obtain a ticket
session_tokenUser session_tokenStringUser session_token; this token can be used to call BambooCloud IDaaS APIs to obtain a sso_ticket, which can be exchanged for user information
id_tokenShort-term valid interface call credentialStringThis field is a JWT containing user information and the application's scope information; it must be verified and parsed. Default validity is 2 hours and is configurable

BambooCloud IDaaS Open Platform