Home B2Core API REST API The Back Office API Passwords

Passwords

Use these methods to change client passwords as well as get a password change history.

PUT[host]/api/v2/clients/{clientId}/password

PATCH[host]/api/v2/clients/{clientId}/password

Change a client password

GET[host]/api/v2/clients/{clientId}/password/changes

Get a password change history

GET[host]/api/v2/clients/{clientId}/password/changes/{changeId}

Get password change details

Use these methods to prompt clients to reset their passwords.

POST[host]/api/v2/clients/reset-password

Prompt all clients to reset their passwords

POST[host]/api/v2/clients/{clientId}/reset-password

Prompt a specific client to reset their password

Change a client password

Use this method to change a password for a specified client.

Note

Instead of the method described below, you can use a similar method that uses the HTTP verb PATCH.

Request

Header parameters:

  • Authorization: Bearer <access_token>

Path parameters:

clientID required

The client identifier.

Body:

Specify the following parameters for a password change:

password string required

The new password.

send_mail boolean required

If true, a new password is sent to a client email address; otherwise, false .

PUT[host]/api/v2/clients/{clientId}/password

curl --location --request PATCH 'https://host.name/api/v2/clients/1/password' \
--header 'Authorization: Bearer <token>' \
--header 'accept-language: ja' \
--data-raw '{
  "password": "Qwerty123",
  "send_mail": true
}'

Response

In case of success, no response body is returned.

Get a password change history

Use this method to get a password change history for a specified client.

Note

If such a request is made by an admin user that is only permitted to view clients with certain tags, a response includes only the password change records for clients marked with these tags.

To obtain detailed information about a specific password change record, use a separate method to get password change details.

Request

Header parameters:

  • Authorization: Bearer <token>

Path parameters:

clientId required

The client identifier.

Query parameters:

The following sorting parameter is available for this method:

createTime (default)

The date and time when a password was changed or restored.

GET[host]/api/v2/clients/{clientId}/password/changes

curl --location --request GET 'https://host.name/api/v2/clients/370/password/chnages?limit=10&offset=0&sort_order=desc&sortBy=createTime' \
--header 'Authorization: Bearer <token>'

Response

A response includes the following data about each password change record:

id integer

The identifier of a password change record.

type string

The password change type. Possible values:

  • changed – a client’s password was updated by a Back Office user.

  • restored – a password was updated by a client.

clientId integer

The client identifier.

userId integer or null

The identifier of a Back Office user who changed a password.

createTime string

The date and time when a password was changed or restored.

RESPONSE EXAMPLE 
{
  "id": 18,
  "type": "restored",
  "clientID": 370,
  "userID": null,
  "createTime": "2022-01-01T00:00:00+00:00"
}

Get password change details

Use this method to obtain detailed information about a specified password change record.

Request

Header parameters:

  • Authorization: Bearer <token>

Path parameters:

clientId required

The client identifier.

changeId required

The identifier of a password change record.

GET[host]/api/v2/clients/{clientId}/password/changes/{changeId}

curl --location --request GET 'https://host.name/api/v2/clients/370/password/changes/18?' \
--header 'Authorization: Bearer <token>'

Response

A response includes the following data about a specified password change record:

id integer

The identifier of a password change record.

type string

The password change type. Possible values:

  • changed – a client’s password was updated by a Back Office user.

  • restored – a password was updated by a client.

clientId integer

The client identifier.

userId integer or null

The identifier of a Back Office user who changed a password.

createTime string

The date and time when a password was changed or restored.

RESPONSE EXAMPLE 
{
  "id": 18,
  "type": "restored",
  "clientID": 370,
  "userID": null,
  "createTime": "2022-01-01T00:00:00+00:00"
}

Prompt all clients to reset their passwords

Use this method to prompt all clients to reset their passwords.

Note

If such a request is made by an admin user that is only permitted to view clients with certain tags, a request will be send only to the clients marked with these tags.

If clients that have been prompted to reset their passwords are currently signed in to the B2Core UI, they are signed out automatically.

Next, the clients should sign in to the B2Core UI with their current credentials, enter verification codes sent to their email addresses, and then reset their passwords.

Request

Header parameters:

  • Authorization: Bearer <access_token>

POST[host]/api/v2/clients/reset-password

curl --location --request POST 'https://host.name/api/v2/clients/reset-password' \
--header 'Authorization: Bearer <token>'

Response

In case of success, no response body is returned.

Prompt a specific client to reset their password

Use this method to prompt a specific client to reset their password.

If a client that has been prompted to reset their password is currently signed in to the B2Core UI, this client is signed out automatically.

Next, the client should sign in to the B2Core UI with their current credentials, enter a verification code sent to their email address, and then reset their password.

Request

Header parameters:

  • Authorization: Bearer <access_token>

Path parameters:

clientID required

The client identifier.

POST[host]/api/v2/clients/{clientId}/reset-password

curl --location --request POST 'https://host.name/api/v2/clients/1/reset-password' \
--header 'Authorization: Bearer <token>'

Response

In case of success, no response body is returned.