Password update requests are structured differently based on whether the password update is a self change or an administrative change. The PUT /environments/{environmentId}/users/{userId}/password endpoint is called in both cases, but the request body for the self-change operation requires a value for the currentPassword attribute while the administrative-change operation does not. Both operations use application/vnd.pingidentity.password.reset+json as the content type in the request header.

Self-change password update

The sample shows the PUT /environments/{environmentId}/users/{userId}/password operation to execute a self-change reset of the password identified by the user ID and environment ID.

In the request body, the currentPassword value specifies the existing password, and newPassword specifies the value of the new password assigned to this user. Note that the new password is validated against the current password policy. For a successful self-change update, the status attribute value is changed to OK.