Skip to content

Update User Password

The endpoint Update User Password is used to change the existing Leapwork user’s password using userId. After the successful change of password, the operation completed is returned in the response. The userId used as the input can be obtained from the Get All Users endpoint with UserType as “Leapwork”.

Request URL

(PUT)

http://{controllerMachine}:{controllerPort}/api/v4/user/password/{userId}

Input parameters

Field

Type

Description

Comment

accessKey

string

An access key is required to restrict unauthorized access to the API.

Access Key should include user scope to access user related APIs.

userId

string

Unique identifier for the user

Can be obtained from the Get All Users endpoint with UserType as “Leapwork”

requestBody

application/json

Unique identifiers for the Leapwork User comprising the following parameters:

  

 

 

Password

Password should meet password complexity security policy

 

 

ForceChangePasswordOnFirstLogin

Possible values: true| false

Examples

Curl

curl -X PUT --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'accessKey: UsctfG8Mg1LVa29L' -d '{ \

   "Password": "Newpassword%40123", \

   "ForceChangePasswordOnFirstLogin": true \

}' 'http://localhost:9001/api/v4/user/password/3940e00a-164c-4693-be0b-14ff4746c4a6'

PowerShell 

$headers = @{}
$headers.Add("accessKey","UsctfG8Mg1LVa29L")

$requestBody = @'
{
    "Password": "Newpassword%40123",
    "ForceChangePasswordOnFirstLogin": true
}
'@ 

Invoke-WebRequest -Uri "http://localhost:9001/api/v4/user/password/3940e00a-164c-4693-be0b-14ff4746c4a6" -ContentType "application/json" -Headers $headers -Method PUT -Body $requestBody

Response 

Update password and returns true for successful operation completion in the response.

{

"$id": "1",

"OperationCompleted": true

}

Response Object

Field

Type

Description

Values

$id

string

ID of internal object

 

OperationCompleted

bool

Returns ‘true’ if the user’s password is changed successfully

true | false

Response Code

  • 200 (OK)
  •  400 (Bad Request – eg: “The password must contain at least one lowercase letter, one uppercase letter, one digit, one special (non-alphanumeric) character. The password length must be at least 10 characters.”, "The new password cannot be the same as current password.")
  • 401 (Unauthorized - eg: “Incorrect Accesskey”)
  • 403 (Forbidden – eg: “AccessKey does not have the relevant scope permission”)
  • 500 (Internal Server Error)