The MyAccount Password API provides operations to enroll, update, and delete passwords.
Notes:
- Super admins can enable the IDP MyAccount API password feature. See Enable self-service features.
- The Okta account management policy doesn't support the MyAccount Password API. See Configure an Okta account management policy.
A valid API version in the Accept header is required to access the API. Current version: 1.0.0
Accept: application/json; okta-version=1.0.0
Retrieves the current user's password status
Note: This request only returns information about the password, not the password itself.
Example response
Unauthorized
Not Acceptable (missing header)
{
  "id": "00T196qTp3LIMZQ0L0g3",
  "status": "ACTIVE",
  "created": "2020-01-14T20:05:32.000Z",
  "lastUpdated": "2020-01-14T20:05:32.000Z",
  "_links": {
    "self": {
      "hints": {
        "allow": [
          "GET",
          "DELETE",
          "PUT"
        ]
      }
    }
  }
}
Creates and enrolls a password for the current user
Example response
Bad Request
Unauthorized
Conflict
Not Acceptable (missing header)
{
  "profile": {
    "password": "Abcd1234"
  }
}
{
  "id": "00T196qTp3LIMZQ0L0g3",
  "status": "ACTIVE",
  "created": "2020-01-14T20:05:32.000Z",
  "lastUpdated": "2020-01-14T20:05:32.000Z",
  "_links": {
    "self": {
      "hints": {
        "allow": [
          "GET",
          "DELETE",
          "PUT"
        ]
      }
    }
  }
}
Replaces the password for the current user by resetting it. A password reset doesn't require the user to know the existing password.
Note: Azure Active Directory (AD) users don't have permission to reset passwords by default. You need to configure this permission through your AD instance. If you don't have this permission as an AD user, use the Update a Password operation.
Example response
Bad Request
Unauthorized
Forbidden
Not Acceptable (missing header)
{
  "profile": {
    "password": "Abcd1234"
  }
}
{
  "id": "00T196qTp3LIMZQ0L0g3",
  "status": "ACTIVE",
  "created": "2020-01-14T20:05:32.000Z",
  "lastUpdated": "2020-01-14T20:05:32.000Z",
  "_links": {
    "self": {
      "hints": {
        "allow": [
          "GET",
          "DELETE",
          "PUT"
        ]
      }
    }
  }
}
Deletes the current user's enrolled password
No Content
Unauthorized
Not Found
Not Acceptable (missing header)
{
  "errorCode": "E0000015",
  "errorSummary": "You do not have permission to access the feature you are requesting",
  "errorLink": "E0000015",
  "errorId": "oaeStOuPPxDRUm3PJhf-tL7bQ",
  "errorCauses": []
}
Updates a password. The user needs to know the current password to change it.
No Content
Bad Request
Unauthorized
Forbidden
{
  "oldPassword": "Abcd1234",
  "newPassword": "Abcd12345"
}
{
  "errorCode": "E0000001",
  "errorSummary": "Api validation failed: Password",
  "errorLink": "E0000001",
  "errorId": "oaejUwz8U5FQ_SyggQwz1kC3w",
  "errorCauses": [
    {
      "errorSummary": "password: Password requirements were not met. Password requirements: at least 8 characters, a lowercase letter, an uppercase letter, a number, no parts of your username. Your password cannot be any of your last 4 password(s)."
    }
  ]
}
Retrieves the password complexity requirements for the current user
Example response
Unauthorized
{
  "description": "Password requirements: at least 8 characters, a lowercase letter, an uppercase letter, a number, no parts of your username. Your password cannot be any of your last 4 password(s).",
  "complexity": {
    "minLength": 8,
    "minLowerCase": 1,
    "minUpperCase": 1,
    "minNumber": 1,
    "minSymbol": 0,
    "excludeUsername": true,
    "excludeAttributes": []
  },
  "_links": {
    "self": {
      "hints": {
        "allow": [
          "GET"
        ]
      }
    }
  }
}
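The complexity object above can be used to pre-check a candidate password before calling the enroll, reset, or update operations. This is an added example, not Okta's code; the username-splitting rule, MIN_PART_LEN, the profile argument, and the meaning given to excludeAttributes are assumptions.

```python
import json
import re

# Complexity object copied from the example response above.
REQUIREMENTS = json.loads("""
{"complexity": {"minLength": 8, "minLowerCase": 1, "minUpperCase": 1,
                "minNumber": 1, "minSymbol": 0, "excludeUsername": true,
                "excludeAttributes": []}}
""")

MIN_PART_LEN = 3  # assumption: shorter username fragments are ignored


def username_parts(username):
    """Assumption: 'parts' are the runs between non-alphanumeric delimiters."""
    parts = re.split(r"[^A-Za-z0-9]+", username.lower())
    return [p for p in parts if len(p) >= MIN_PART_LEN]


def check_password(candidate, username, complexity, profile=None):
    """Return a list of unmet requirements (empty list means it passes)."""
    counts = {
        "minLowerCase": sum(c.islower() for c in candidate),
        "minUpperCase": sum(c.isupper() for c in candidate),
        "minNumber": sum(c.isdigit() for c in candidate),
        "minSymbol": sum(not c.isalnum() and not c.isspace() for c in candidate),
    }
    failures = []
    if len(candidate) < complexity.get("minLength", 0):
        failures.append("minLength")
    failures += [k for k, n in counts.items() if n < complexity.get(k, 0)]
    lowered = candidate.lower()
    if complexity.get("excludeUsername") and any(
            p in lowered for p in username_parts(username)):
        failures.append("excludeUsername")
    # Assumption: excludeAttributes names profile attributes (hypothetical
    # 'profile' dict) whose values must not appear in the password.
    for attr in complexity.get("excludeAttributes", []):
        value = str((profile or {}).get(attr, "")).lower()
        if value and value in lowered:
            failures.append("excludeAttributes:" + attr)
    return failures
```

The password-history rule in the description cannot be checked locally, so a candidate that passes here can still be rejected by the API with E0000001.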