+1
Astea Alliance V15.3
I’m trying to automate a service that can send an API call to Astea Alliance that will reset the password for a given user id and respond back with the temporary password. Is this possible? If so, do you have a template XML?
Best answer by Phil Seifert
View original
+21
Hi Kevin,
i am not aware of such an API and actually would not consider one to be a good idea generally as it would present a high level security risk.
Such an API process to return a result with the temporary password as a response could potentially be used to gain access to the application/data via a user’s account which the requestor should not have access or lock the specified user out of their system by changing their password.
The Alliance application does have a mechanism to allow password reset with a temporary password via the Password Initialization module or also with a Forgot Password option on the login screen where an email would be sent to the currently registered email address of the user account.
Perhaps you can use these options instead?
+1
Hi Phil,
Thanks Phil, I do agree it’s a high level security risk. Was trying to resolve issues with our users being unable to get into the application in general because they don’t set up their security Q/A even though we inform them. So, they can’t reset their own password. It ends up being manual work to do for one admin covering for hundreds on users.
We aren’t connecting this to an AD or SSO, so was trying to figure out ways to automate this in the backend for user management systems, or ticket requests.
Thanks
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
