Change the System Administrator Password using cURL

You can change the system administrator (sa) user's password using cURL. Changing the sa password using this procedure changes the password_hash value and stores the salted hash, but not to the NEWPASSWORD value. If you are using the built-in authentication provider, you can change all user passwords, as well as name, email, and other information, using cURL.

Note: Changing the password for the admin user is usually done using API Creator, but you can use this procedure to change the admin user password. The admin user's ident value is normally 1000 instead of 2.

Prerequisite: You have determined the correct URL. The portion shown as https://api.acme.com in the following examples is the portion that you use as the server when you log into API Creator.

How to Change the System Administrator's Password using cURL

Use the following process to change the sa password using cURL:

  1. Obtain the sa user's auth token.
  2. Retrieve the sa user's checksum value.
  3. Change the sa user's password.

Obtain the Auth Token for the System Administrator User

The auth token for the sa user is the apikey value.

Issue the following command:

curl -d '{"username":"sa","password":"CURRENTPASSWORD"}' -H "Content-type: application/json" \
    -X POST https://api.acme.com/rest/abl/admin/v2/@authentication

The following response is expected:

{
"apikey": "94e248b6a192c006e07a77fdaa7f93b6",
"expiration": "2015-11-06T02:15:50.088Z",
"lastLoginTs": "2015-11-04T18:11:34.094Z",
"lastLoginIP": "123.45.67.89",
"email": "admin@acme.com"
}

Retrieve the System Administrator User's checksum Value

Use the apikey value to retrieve the sa user:

curl -H "Authorization: CALiveAPICreator 94e248b6a192c006e07a77fdaa7f93b6:1" \
    -X GET https://api.acme.com/rest/abl/admin/v2/users/2

The following response is expected:

[
{
   "ident": 2,
   "ts": "2015-11-04T18:25:54.072092Z",
   "name": "sa",
   "fullname": "System Admin",
   "email": "admin@acme.com",
   "status": "A",
   "roles": "System administrator",
   "data": null,
   "comments": null,
   "apikey_lifespan": null,
   "password_hash": "jA0D60fG+sB310w9MpLVEah/lg/f9aJCnDcPtl14ho55o6koI0zZ+cpxQiwdHFvUuzEF4byogjJ/wV9sbSJp5w==",
   "password_salt": "QH7FeE7frVejG1E4KSlU0Q==",
   "project_ident": 3,
   "@metadata": {
       "href": "https://api.acme.com/rest/abl/admin/v2/admin:users/2",
       "checksum": "A:ff8fc7eaad8dbe66"
   }
}
]
Note: Only relevant content is shown. If you are changing the password for the admin user, the ident is normally 1000 instead of 2.

Change the System Administrator User Password

The final step is to change the sa user with a PUT, using the auth token and the checksum value:

curl -d '{"password_hash":"NEWPASSWORD","@metadata": {"href": "https://api.acme.com/rest/abl/admin/v2/admin:users/2","checksum": "A:ff8fc7eaad8dbe66"}}' \
    -H "Authorization: CALiveAPICreator 94e248b6a192c006e07a77fdaa7f93b6:1" \
    -H "Content-type: application/json" \
    -X PUT https://api.acme.com/rest/abl/admin/v2/users/2

The following response is expected:

{
    "statusCode": 200,
    "txsummary": [
      {
        "@metadata": {
        "href": "https://api.acme.com/rest/abl/admin/v2/admin:users/2",
        "resource": "admin:users",
        "verb": "UPDATE"
        "checksum": "A:d747ca75b28058ed"
        },
        "ident": 2,
        "ts": "2015-11-04T18:15:17.955629Z",
        "name": "sa",
        "fullname": "System Admin",
        "email": "admin@acme.com",
        "status": "A",
        "roles": "System administrator",
        "data": null,
        "comments": null,
        "apikey_lifespan": null,
        "password_hash":      "9b/4OrzqFbOqELveMlq74pl3yTfD3v3Xrpe2ICBoTMnZ/RE8ZQBUq64bS4y3Dz9ASXh0qWZGq9XdQulSxbOyZQ==",
        "password_salt": "QH7FeE7frVejG1E4KSlU0Q==",
        "project_ident": 3
      }
   ]
}

The password_hash is changed and a salted hash is stored.