Versions Compared

Old Version 1

changes.mady.by.user Krisztian Papp

Saved on

compared with

New Version 2

changes.mady.by.user Krisztian Papp

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Listing entities: to identify the existing entities. The sensitive passwords are stored in an encrypted format in the database. With the API neither the plain nor the encrypted password cannot be retrieved.

  • Retrieve one entity by ID: to fetch the latest public values of an entity. Similar to the listing action the sensitive properties cannot be retrieved.

  • Modify properties of an entity: to actually change the credentials such as the password. Not every property of an entity can be updated. The allowed properties are listed in the REST API documentation site for every update endpoint. The modification action can be achieved with the PATCH HTTP method. This method allows the client to send only the changed properties to the server.

  • Verify the password change: to send the known plain password to the system and retrieve a true or false value based on the sent plain password matches with the currently stored value. After a certain number of failed verification attempts the system blocks the API user from further requests to prevent password guessing.

...

Info

The following examples require a valid access token. To acquire an access token, use the Authentication endpoint. The different examples may require different permissions. Please, be aware to always use an access token that was acquired by a user with the right permissions.

User

The non AD synchronized user entities have an updateable password field that can be modified with the API. The sensitive password is stored in an encrypted format in the database. With the API neither the plain nor the encrypted password cannot be retrieved.

...

Note: the login name is not modifiable. The new password must match with the configured password criteria i.e.: complexity or password history.

The following example shows how to change a user’s password with a PATCH method. The password has to be in plain format.

Code Block
languagenone
PATCH https://VFC_MR_DOMAIN/verba/restapi/v1/users/16
Content-Type: application/json

{
  "password": "new plain password"
}

After the change the modification can be verified with the following request.

Code Block
POST https://VFC_MR_DOMAIN//verba/restapi/v1/users/16/password/verify

new plain password

Active Directory Synchronization Profile

The Active Directory Synchronization Profile entities contain credential data to be able to connect to an LDAP server or an Azure AD tenant. The updateable properties are various and depend on the type of the AD Synchronization Profile entity.

The following example shows how to change the login name and the password for an LDAP server in the same request. The password has to be in plain format.

Code Block
languagenone
PATCH https://VFC_MR_DOMAIN/verba/restapi/v1/adSyncProfiles/13F72189-2EEB-425F-885B-7D1BBA83DDEB
Content-Type: application/json

{
  "userName": "john.doe",
  "ldapPassword": "new plain password"
}

Storage Target

Import Source

...