Server Side API

Set User Password

Available For: Enterprise Plans

Allows you to set a new password for the the user, without the user's interaction or verification.

Only call the API from your secure backend server environment.
Never call this from a client such as Web or Mobile.
URL
https://www.justsignin.com/api/v1/server/adminSetUserPassword
Protocol
HTTPS
Method
POST
Header
Content-Type: application/json; charset=utf-8

Request Body

The request body is a JSON object sent as the body of the HTTPS POST. The request body should include the following pramaters.

appId
String
Required
The ID of your Just Sign In website configured in the dashboard.
appSecret
String
Required
One of the App Secrets you created for the website referenced by the appId.
userId
String
Required
The ID of the user whose password you want to set. The user's ID is available when the user Signs In, or when you Verify the user's Session. Typically, you will save the User ID in your application's database.
password
String
Required

The new password to be set. The password must conform to the password complexity setting in your User Pool.

The complexity of a password is simply calculated by how many password standard practices it complies with.

  • Very Strong complies with 5 standard practices
  • Strong complies with 4 standard practices
  • Average complies with 3 standard practices
  • Weak complies with 2 standard practices
  • Very Weak complies with 1 standard practice

Password standard practices...

  • Contains at least 8 characters
  • Contains an Upper Case letter
  • Contains a Lower Case letter
  • Contains a Number
  • Contains a Special Character !@#$%^&*
Example JSON POST Body (with pretend example values)
{
  "appId": "131889432817531002",
  "appSecret": "FCGAYPQP73U47ASKOWRPIOP7DPIY",
  "userId": "111770523408422991",
  "password": "I've heard phrases make the best passwords.  Have you?"
}

Responses

200 - Success

A successful call will return an HTTP 200 status code.

HTTP 200 JSON Response
{
  "success": true
}

400 - Invalid User

User ID was not of a valid user within your User Pool.

HTTP 400 JSON Response
{ 
  "error": "USER_DOES_NOT_EXIST", 
  "message": "User does not exist" 
}

400 - Password Too Weak

The password did not meet the complexity setting of the User Pool.

HTTP 400 JSON Response
{
  "error": "PASSWORD_TOO_WEAK",
  "message": "Password is too weak.",
}
< Delete UserChange User Email >