cancel
Showing results for 
Search instead for 
Did you mean: 

Change user's password?

stefan_jesse
Explorer
0 Kudos

If a user has the flag "isPasswordToChangeAtNextLogon" set, I would like to show a "Change Password" dialog in my client tool. But this of course only makes sense if there is an endpoint to actually change the password, and so far I haven't found one... Does anyone know if this is possible?

Accepted Solutions (1)

Accepted Solutions (1)

daniel_paulsen
Active Contributor
0 Kudos

Hi Stefan,

I don't see any way of getting this information on BI4.1, but BI4.2 has new User/UserGroup APIs that contains this information:

GET  /biprws/users/<userId>

    <entry>

        <title type="text">user</title>

        <updated>2016-08-15T14:50:09.634Z</updated>

        <link href="http://localhost:6405/biprws/users/15453" />

        <content type="application/xml">

            <attrs xmlns="http://www.sap.com/rws/bip">

                <attr name="cuid" type="string">AQgyqDfVZHdAhkTc5kWUngc</attr>

                <attr name="isAccountDisabled" type="bool">false</attr>

                <attr name="isPasswordToChangeAtNextLogon" type="bool">true</attr>

                <attr name="isPasswordChangeAllowed" type="bool">true</attr>

                <attr name="description" type="string">dan on 4.2</attr>

                <attr name="fullName" type="string">Dan</attr>

                <attr name="isPasswordExpiryAllowed" type="bool">true</attr>

                <attr name="title" type="string">Dan</attr>

                <attr name="emailAddress" type="string">Dan@sap.com</attr>

                <attr name="usergroups" type="string">[1]</attr>

                <attr name="connection" type="int32">1</attr>

                <attr name="id" type="int32">15453</attr>

                <attr name="inboxID" type="int32">0</attr>

            </attrs>

        </content>

    </entry>

An undesirable way of checking this on BI4.1 is to log on twice, where the second logon would fail, but that's not a very clean solution since there's no way to update the password in 4.1 using RESTful.

Dan

stefan_jesse
Explorer
0 Kudos

Hi Dan,

yes, I know, 4.2 is exactly where I have this information from. But the question is: can you update a user's password in 4.2 using RESTful?

If not, I can at least tell the user that he needs to change his password using some other tool, e.g. BI Launchpad. But of course I would prefer

to offer this convenience myself.

Regards,

Stefan

daniel_paulsen
Active Contributor
0 Kudos

Hi Stefan,

I was able to do this, but had to provide the following rights to the user

  • Modify rights users have to objects
  • Add or edit Attributes

I also tested on BI4.2 SP03.  If you are still developing your application for BI4.2, I would suggest getting SP03 since the Platform URLs are now versioned and it would probably be best to use these URLs rather than the non versioned ones going forward (the old ones still work tho).  The new ones will have additional attributes in several cases and can be found in the SP03 documentation.  Possibly the same will work on SP02 using the non versioned URL, but I did not test it.

I used:

PUT  /biprws/v1/users/<userId>

body:

<entry xmlns="http://www.w3.org/2005/Atom">

    <title type="text">user</title>

    <updated>2016-08-17T20:24:24.046Z</updated>

    <link href="http://localhost:6405/biprws/v1/users/8746" rel="alternate"/>

    <content type="application/xml">

        <attrs xmlns="http://www.sap.com/rws/bip">

            <attr name="forcepasswordchange" type="bool">false</attr>

            <attr name="description" type="string">dan's description</attr>

            <attr name="ownerid" type="string">12</attr>

            <attr name="parentid" type="string">19</attr>

            <attr name="password" type="string">newPassword1</attr>

            <attr name="nameduser" type="bool">false</attr>

            <attr name="name" type="string">Dan</attr>

            <attr name="disabled" type="bool">false</attr>

            <attr name="fullname" type="string">Dan</attr>

            <attr name="email" type="string">Dan@sap.com</attr>

            <attr name="passwordexpiry" type="bool">false</attr>

        </attrs>

    </content>

</entry>

The SP03 documentation says to use a "newPassword" attribute, but this did not work for me.  I needed to use "password" to actually get the password to change.

Dan

stefan_jesse
Explorer
0 Kudos

Hi Dan,

thanks for the info. But I still have one problem - how do I find out the ID of the currently logged on user (8746 in your example)? I would have expected to get this info back from calling the logon endpoint, but I cannot find this information!?

Regards, Stefan

eric_festinger
Contributor
0 Kudos

hi Stefan,

Starting with 4.2 SP3, you can get some session information data with Web Intelligence RESTful Web Service:

GET [application/xml or application/json] .../raylight/v1/session

which should return for example:

{

    "session": {

        "user": {

            "id": 6381,

            "name": "raylight_user",

            "cuid": "AZFmWPGBwwRBm3almUJGkfk",

            "timeZone": "Japanische Normalzeit",

            "preferredViewingLocale": "ja-JP",

            "productLocale": "de"

        }

    }

}

Regards,

eric

Answers (0)