Recover Password
POST {{authPath}}/{{envID}}/flows/{{flowID}}The POST /{{envID}}/flows/{{flowID}} operation initiates an action to recover the account and set a new password. The request body requires the recoveryCode and newPassword attributes. This operation uses the application/vnd.pingidentity.password.recover+json custom media type as the content type in the request header. The password recovery code is 8 alphanumeric characters. The timeout for password recovery is 5 minutes. These attributes are not configurable.
|
The password reset failure count is set at five (5) failed attempts with a given code. After five failed attempts, the response returns an error message. Initiating another password recovery process resets the failure count and allows the API to be called again. The new password recovery process starts by calling the Send (Resend) Recovery Code endpoint. |
Prerequisites
-
Refer to Flows for important overview information.
-
Send an authorize request to get a flow ID: Authorize. Refer also to Login action authentication flow and Authorization and authentication.
-
Start the flow: Read Flow.
-
Refer also to the
RECOVERY_CODE_REQUIREDflow state in the Flow status values table.
Request Model
| Property | Type | Required? |
|---|---|---|
|
String |
Required |
|
String |
Required |
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{authPath}}/{{envID}}/flows/{{flowID}}' \
--header 'Content-Type: application/vnd.pingidentity.password.recover+json' \
--data '{
"recoveryCode": "xxxxxx",
"newPassword": "{{newPassword}}"
}'var options = new RestClientOptions("{{authPath}}/{{envID}}/flows/{{flowID}}")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/vnd.pingidentity.password.recover+json");
var body = @"{" + "\n" +
@" ""recoveryCode"": ""xxxxxx""," + "\n" +
@" ""newPassword"": ""{{newPassword}}""" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{authPath}}/{{envID}}/flows/{{flowID}}"
method := "POST"
payload := strings.NewReader(`{
"recoveryCode": "xxxxxx",
"newPassword": "{{newPassword}}"
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/vnd.pingidentity.password.recover+json")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /{{envID}}/flows/{{flowID}} HTTP/1.1
Host: {{authPath}}
Content-Type: application/vnd.pingidentity.password.recover+json
{
"recoveryCode": "xxxxxx",
"newPassword": "{{newPassword}}"
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/vnd.pingidentity.password.recover+json");
RequestBody body = RequestBody.create(mediaType, "{\n \"recoveryCode\": \"xxxxxx\",\n \"newPassword\": \"{{newPassword}}\"\n}");
Request request = new Request.Builder()
.url("{{authPath}}/{{envID}}/flows/{{flowID}}")
.method("POST", body)
.addHeader("Content-Type", "application/vnd.pingidentity.password.recover+json")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{authPath}}/{{envID}}/flows/{{flowID}}",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/vnd.pingidentity.password.recover+json"
},
"data": JSON.stringify({
"recoveryCode": "xxxxxx",
"newPassword": "{{newPassword}}"
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{authPath}}/{{envID}}/flows/{{flowID}}',
'headers': {
'Content-Type': 'application/vnd.pingidentity.password.recover+json'
},
body: JSON.stringify({
"recoveryCode": "xxxxxx",
"newPassword": "{{newPassword}}"
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{authPath}}/{{envID}}/flows/{{flowID}}"
payload = json.dumps({
"recoveryCode": "xxxxxx",
"newPassword": "{{newPassword}}"
})
headers = {
'Content-Type': 'application/vnd.pingidentity.password.recover+json'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{authPath}}/{{envID}}/flows/{{flowID}}');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/vnd.pingidentity.password.recover+json'
));
$request->setBody('{\n "recoveryCode": "xxxxxx",\n "newPassword": "{{newPassword}}"\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{authPath}}/{{envID}}/flows/{{flowID}}")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/vnd.pingidentity.password.recover+json"
request.body = JSON.dump({
"recoveryCode": "xxxxxx",
"newPassword": "{{newPassword}}"
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"recoveryCode\": \"xxxxxx\",\n \"newPassword\": \"{{newPassword}}\"\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{authPath}}/{{envID}}/flows/{{flowID}}")!,timeoutInterval: Double.infinity)
request.addValue("application/vnd.pingidentity.password.recover+json", forHTTPHeaderField: "Content-Type")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()