Sofar logo
Sofar logo
Api
Activate email OTP POSTActivate TOTP POSTGet active 2FA methods GETSet or reset email OTP POSTInitiate email OTP challenge POSTInitiate an email address transfer POSTSet or reset TOTP POSTTime until the next email OTP may be generated GETSend a password reset email POSTComplete an email address transfer PUTTime until the next recovery code guess GETDeactivate email OTP DELETEDeactivate TOTP DELETEReset the recovery codes of a user POSTSend a password reset OTP POSTTime until the next TOTP guess GETUpdate password via OTP PUTUpdate password via sudo token PUTCheck a password reset OTP POSTComplete email OTP challenge POSTVerify a recovery code POSTVerify TOTP code POST
User
PUT
/user/password/old-password

Change a user password, authenticating by providing the old password and a sudo or access token (in 2FA is disabled)

Authorization

AuthorizationBearer <token>

A valid sudo token (proof of presence) can be obtained via the /2fa/{method}/verify endpoints. It has a 5 minutes validity period.

In: header

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

application/json

application/json

application/json

curl -X PUT "https://authentication.eniris.be/user/password/old-password" \  -H "Content-Type: application/json" \  -d '{    "oldPassword": "string",    "newPassword": "stringst"  }'
null
{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "Password must contain at least one uppercase character"
}
{
  "statusCode": 401,
  "error": "Unauthorized",
  "message": "NO_TOKEN_PROVIDED"
}
{
  "statusCode": 429,
  "error": "Too many requests",
  "message": "TOO_MANY_FAILED_PASSWORD_CHECKS",
  "retryAfter": 0
}
{
  "statusCode": 500,
  "error": "Internal server error",
  "message": "NO_PASSWORD_INFO"
}

Update password via OTP PUT

Change a user password, authenticating by providing an OTP

Check a password reset OTP POST

Check a password reset OTP, to see if it is valid

oldPassword*string
Lengthlength <= 256
newPassword*string

Must contain uppercase, lowercase, and a digit

Match^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).*$
Length8 <= length <= 256