Reset Password for Authentication based on User Repository Identity Service
For apps built based on Quantum Fabric SDKs and User Repository identity service, an app user can now reset the password of the app.
- For example, you use User Repository identity service for authentication in for app and build the app by using Quantum Fabric SDKs. In this case, if an app user forgets the password to log in to the app, the user can reset the password based on the registered email ID.
NOTE: From Quantum AppPlatform V8 SP4, the forgot password functionality is available only for Quantum Cloud Users.
Prerequisites
You must meet the following prerequisites:
- The client app must have a User Repository Identity Service.
How to Reset password based on Authentication for User Repository Identity Service
To reset a password, do the following:
After an app is published successfully, open the service document file of your app. The service document contains all configured services.
The following is a sample code for Login, which contains meta data of an identity service including the following details:
forgot_pswd_submit_userid
: URL of your reset password request.url
: URL of your Quantum Cloud account
"login": [ { "forgot_pswd_submit_userid": "https://00000000.auth.konycloud.com/forgot_password/submit_userid/", "reset_pswd": "https://000000000.auth.konycloud.com/forgot_password/reset_password/", "alias": "myRepo1", "type": "basic", "prov": "myRepo1", "url": "https://000000000.auth.konycloud.com" },
- Specify the identity provider name as a query parameter to the URL.
For example, if an app user forgets the login password, the user can reset the password using the URL set for the Key:
forgot_pswd_submit_userid
from app service document.https://<mytenantID.auth.konycloud.com/forgot_password/submit_userid/?provider=userstore
- Userstore is the name of an identity service.
- If you create a user repository identity service, you can provide the name of the service as provider name in the query parameter.
For example,"
prov
": "
myRepo1
"
- Go to the reset_pswd URL by using a browser. The Submit User ID screen appears.
- Specify your User Id.
- Click SUBMIT. The reset password mail process starts and sends an email to your registered email account.
- Click the Reset Password link from the email that you received.
The new password window appears.
- Specify the following details:
- User ID: Email of a user.
- Password: Enter a new password for your account pertaining to the password criteria.
NOTE: Your password must be between 8 to 20 characters long, and must include at least one uppercase letter, one lowercase letter, a digit and a special character.
- Confirm Password: Re-enter your new password for the confirmation.
- Click CHANGE PASSWORD. A confirmation window is displayed saying, Password Changed Successfully.
Characteristics of Reset URL
The following are the characteristics of the reset URL:
- Forgot Password URL is valid for one-time use.
- Forgot Password URL is valid for one hour. Using old forgot password links throw an error:
- Forgot Password URL must not be formed with the user request input.
Limitations
- A Reset Password link is sent to your registered email ID. The link is valid for 1 day. A reset password link can be used only once.