POST /api/v1/users/{userId}/lifecycle/reset_password
Resets password. Generates a one-time token (OTT) that you can use to reset a User's password. You can automatically email the OTT link to the User or return the OTT to the API caller and distribute using a custom flow.
This operation transitions the User to the RECOVERY status. The User is then not able to sign in or initiate a forgot password flow until they complete the reset flow.
This operation provides an option to delete all the User's sessions. However, if the request is made in the context of a session owned by the specified User, that session isn't cleared.
Note: You can also use this API to convert a User with the Okta Credential Provider to use a Federated Provider. After this conversion, the User can't directly sign in with a password. To convert a federated User back to an Okta User, use the default API call.
If an email address is associated with multiple Users, keep in mind the following to ensure a successful password recovery lookup:
- Okta no longer includes deactivated Users in the lookup.
- The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses.
If
sendEmailisfalse, returns a link for the User to reset their password.
Servers
- https://{yourOktaDomain}
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
userId |
String | Yes |
ID of an existing Okta user |
Query parameters
| Name | Type | Required | Description |
|---|---|---|---|
revokeSessions |
Boolean | No |
Revokes all User sessions, except for the current session, if set to Default value: false |
sendEmail |
Boolean | Yes |
How to start integrating
- Add HTTP Task to your workflow definition.
- Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
- Click Test request to test run your request to the API and see the API's response.