Package com.okta.sdk.resource.api
Class UserCredApi
java.lang.Object
com.okta.sdk.resource.api.UserCredApi
@Generated(value="org.openapitools.codegen.languages.JavaClientCodegen",
date="2024-09-23T16:19:57.008753975Z[Etc/UTC]",
comments="Generator version: 7.8.0")
public class UserCredApi
extends Object
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionchangePassword
(String userId, ChangePasswordRequest changePasswordRequest, Boolean strict) Update Password Updates a User's password by validating the User's current Password.changePassword
(String userId, ChangePasswordRequest changePasswordRequest, Boolean strict, Map<String, String> additionalHeaders) Update Password Updates a User's password by validating the User's current Password.changeRecoveryQuestion
(String userId, UserCredentials userCredentials) Update Recovery Question Updates a User's Recovery Question and answer credential by validating the User's current Password.changeRecoveryQuestion
(String userId, UserCredentials userCredentials, Map<String, String> additionalHeaders) Update Recovery Question Updates a User's Recovery Question and answer credential by validating the User's current Password.expirePassword
(String userId) Expire Password Expires the password.expirePassword
(String userId, Map<String, String> additionalHeaders) Expire Password Expires the password.expirePasswordWithTempPassword
(String userId, Boolean revokeSessions) Expire Password with temporary password Expires the password and resets the User's Password to a temporary password.expirePasswordWithTempPassword
(String userId, Boolean revokeSessions, Map<String, String> additionalHeaders) Expire Password with temporary password Expires the password and resets the User's Password to a temporary password.forgotPassword
(String userId, Boolean sendEmail) Start forgot password flow Starts the forgot password flow.Start forgot password flow Starts the forgot password flow.forgotPasswordSetNewPassword
(String userId, UserCredentials userCredentials, Boolean sendEmail) Reset Password with Recovery Question Resets the User's password to the specified password if the provided answer to the recovery question is correct.forgotPasswordSetNewPassword
(String userId, UserCredentials userCredentials, Boolean sendEmail, Map<String, String> additionalHeaders) Reset Password with Recovery Question Resets the User's password to the specified password if the provided answer to the recovery question is correct.protected static com.fasterxml.jackson.databind.ObjectMapper
resetPassword
(String userId, Boolean sendEmail, Boolean revokeSessions) Reset password Resets password.resetPassword
(String userId, Boolean sendEmail, Boolean revokeSessions, Map<String, String> additionalHeaders) Reset password Resets password.void
setApiClient
(ApiClient apiClient)
-
Constructor Details
-
UserCredApi
public UserCredApi() -
UserCredApi
-
-
Method Details
-
getApiClient
-
setApiClient
-
changePassword
public UserCredentials changePassword(String userId, ChangePasswordRequest changePasswordRequest, Boolean strict) throws ApiException Update Password Updates a User's password by validating the User's current Password. This operation provides an option to delete all the sessions of the specified User. However, if the request is made in the context of a session owned by the specified User, that session isn't cleared. You can only perform this operation on Users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid [Password credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request). The User transitions to `ACTIVE` status when successfully invoked in `RECOVERY` status.- Parameters:
userId
- ID of an existing Okta user (required)changePasswordRequest
- (required)strict
- If true, validates against password minimum age policy (optional, default to false)- Returns:
- UserCredentials
- Throws:
ApiException
- if fails to make API call
-
changePassword
public UserCredentials changePassword(String userId, ChangePasswordRequest changePasswordRequest, Boolean strict, Map<String, String> additionalHeaders) throws ApiExceptionUpdate Password Updates a User's password by validating the User's current Password. This operation provides an option to delete all the sessions of the specified User. However, if the request is made in the context of a session owned by the specified User, that session isn't cleared. You can only perform this operation on Users in `STAGED`, `ACTIVE`, `PASSWORD_EXPIRED`, or `RECOVERY` status that have a valid [Password credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request). The User transitions to `ACTIVE` status when successfully invoked in `RECOVERY` status.- Parameters:
userId
- ID of an existing Okta user (required)changePasswordRequest
- (required)strict
- If true, validates against password minimum age policy (optional, default to false)additionalHeaders
- additionalHeaders for this call- Returns:
- UserCredentials
- Throws:
ApiException
- if fails to make API call
-
changeRecoveryQuestion
public UserCredentials changeRecoveryQuestion(String userId, UserCredentials userCredentials) throws ApiException Update Recovery Question Updates a User's Recovery Question and answer credential by validating the User's current Password. You can only perform this operation on Users in `STAGED`, `ACTIVE`, or `RECOVERY` status that have a valid [Password credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request).- Parameters:
userId
- ID of an existing Okta user (required)userCredentials
- (required)- Returns:
- UserCredentials
- Throws:
ApiException
- if fails to make API call
-
changeRecoveryQuestion
public UserCredentials changeRecoveryQuestion(String userId, UserCredentials userCredentials, Map<String, String> additionalHeaders) throws ApiExceptionUpdate Recovery Question Updates a User's Recovery Question and answer credential by validating the User's current Password. You can only perform this operation on Users in `STAGED`, `ACTIVE`, or `RECOVERY` status that have a valid [Password credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/password&t=request).- Parameters:
userId
- ID of an existing Okta user (required)userCredentials
- (required)additionalHeaders
- additionalHeaders for this call- Returns:
- UserCredentials
- Throws:
ApiException
- if fails to make API call
-
expirePassword
Expire Password Expires the password. This operation transitions the User status to `PASSWORD_EXPIRED` so that the User must change their password the next time that they sign in. <br> If you have integrated Okta with your on-premises Active Directory (AD), then setting a User's Password as expired in Okta also expires the Password in AD. When the User tries to sign in to Okta, delegated authentication finds the password-expired status in AD, and the User is presented with the password-expired page where they can change their Password.- Parameters:
userId
- ID of an existing Okta user (required)- Returns:
- User
- Throws:
ApiException
- if fails to make API call
-
expirePassword
Expire Password Expires the password. This operation transitions the User status to `PASSWORD_EXPIRED` so that the User must change their password the next time that they sign in. <br> If you have integrated Okta with your on-premises Active Directory (AD), then setting a User's Password as expired in Okta also expires the Password in AD. When the User tries to sign in to Okta, delegated authentication finds the password-expired status in AD, and the User is presented with the password-expired page where they can change their Password.- Parameters:
userId
- ID of an existing Okta user (required)additionalHeaders
- additionalHeaders for this call- Returns:
- User
- Throws:
ApiException
- if fails to make API call
-
expirePasswordWithTempPassword
public User expirePasswordWithTempPassword(String userId, Boolean revokeSessions) throws ApiException Expire Password with temporary password Expires the password and resets the User's Password to a temporary password. This operation transitions the User status to `PASSWORD_EXPIRED` so that the User must change their password the next time that they sign in. User's Password is reset to a temporary password that is returned, and then the User's Password is expired. If `revokeSessions` is included in the request with a value of `true`, the User's current outstanding sessions are revoked and require re-authentication. <br> If you have integrated Okta with your on-premises Active Directory (AD), then setting a User's Password as expired in Okta also expires the Password in AD. When the User tries to sign in to Okta, delegated authentication finds the password-expired status in AD, and the User is presented with the password-expired page where they can change their Password.- Parameters:
userId
- ID of an existing Okta user (required)revokeSessions
- Revokes the User's existing sessions if `true` (optional, default to false)- Returns:
- User
- Throws:
ApiException
- if fails to make API call
-
expirePasswordWithTempPassword
public User expirePasswordWithTempPassword(String userId, Boolean revokeSessions, Map<String, String> additionalHeaders) throws ApiExceptionExpire Password with temporary password Expires the password and resets the User's Password to a temporary password. This operation transitions the User status to `PASSWORD_EXPIRED` so that the User must change their password the next time that they sign in. User's Password is reset to a temporary password that is returned, and then the User's Password is expired. If `revokeSessions` is included in the request with a value of `true`, the User's current outstanding sessions are revoked and require re-authentication. <br> If you have integrated Okta with your on-premises Active Directory (AD), then setting a User's Password as expired in Okta also expires the Password in AD. When the User tries to sign in to Okta, delegated authentication finds the password-expired status in AD, and the User is presented with the password-expired page where they can change their Password.- Parameters:
userId
- ID of an existing Okta user (required)revokeSessions
- Revokes the User's existing sessions if `true` (optional, default to false)additionalHeaders
- additionalHeaders for this call- Returns:
- User
- Throws:
ApiException
- if fails to make API call
-
forgotPassword
Start forgot password flow Starts the forgot password flow. Generates a one-time token (OTT) that you can use to reset a User's Password. The User must validate their security question's answer when visiting the reset link. This operation can only be performed on Users with an ACTIVE status and a valid [Recovery Question credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/recovery_question&t=request). > **Note:** If you have migrated to Identity Engine, you can allow Users to recover passwords with any enrolled MFA authenticator. See [Self-service account recovery](https://help.okta.com/oie/en-us/content/topics/identity-engine/authenticators/configure-sspr.htm?cshid=ext-config-sspr) If an email address is associated with multiple Users, keep in mind the following to ensure a successful password recovery lookup: * Okta no longer includes deactivated Users in the lookup. * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses. If `sendEmail` is `false`, returns a link for the User to reset their Password. This operation doesn't affect the status of the User.- Parameters:
userId
- ID of an existing Okta user (required)sendEmail
- Sends a forgot password email to the User if `true` (optional, default to true)- Returns:
- ForgotPasswordResponse
- Throws:
ApiException
- if fails to make API call
-
forgotPassword
public ForgotPasswordResponse forgotPassword(String userId, Boolean sendEmail, Map<String, String> additionalHeaders) throws ApiExceptionStart forgot password flow Starts the forgot password flow. Generates a one-time token (OTT) that you can use to reset a User's Password. The User must validate their security question's answer when visiting the reset link. This operation can only be performed on Users with an ACTIVE status and a valid [Recovery Question credential](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/#tag/User/operation/createUser!path=credentials/recovery_question&t=request). > **Note:** If you have migrated to Identity Engine, you can allow Users to recover passwords with any enrolled MFA authenticator. See [Self-service account recovery](https://help.okta.com/oie/en-us/content/topics/identity-engine/authenticators/configure-sspr.htm?cshid=ext-config-sspr) If an email address is associated with multiple Users, keep in mind the following to ensure a successful password recovery lookup: * Okta no longer includes deactivated Users in the lookup. * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses. If `sendEmail` is `false`, returns a link for the User to reset their Password. This operation doesn't affect the status of the User.- Parameters:
userId
- ID of an existing Okta user (required)sendEmail
- Sends a forgot password email to the User if `true` (optional, default to true)additionalHeaders
- additionalHeaders for this call- Returns:
- ForgotPasswordResponse
- Throws:
ApiException
- if fails to make API call
-
forgotPasswordSetNewPassword
public UserCredentials forgotPasswordSetNewPassword(String userId, UserCredentials userCredentials, Boolean sendEmail) throws ApiException Reset Password with Recovery Question Resets the User's password to the specified password if the provided answer to the recovery question is correct. You must include the Recovery Question answer with the submission.- Parameters:
userId
- ID of an existing Okta user (required)userCredentials
- (required)sendEmail
- (optional, default to true)- Returns:
- UserCredentials
- Throws:
ApiException
- if fails to make API call
-
forgotPasswordSetNewPassword
public UserCredentials forgotPasswordSetNewPassword(String userId, UserCredentials userCredentials, Boolean sendEmail, Map<String, String> additionalHeaders) throws ApiExceptionReset Password with Recovery Question Resets the User's password to the specified password if the provided answer to the recovery question is correct. You must include the Recovery Question answer with the submission.- Parameters:
userId
- ID of an existing Okta user (required)userCredentials
- (required)sendEmail
- (optional, default to true)additionalHeaders
- additionalHeaders for this call- Returns:
- UserCredentials
- Throws:
ApiException
- if fails to make API call
-
resetPassword
public ResetPasswordToken resetPassword(String userId, Boolean sendEmail, Boolean revokeSessions) throws ApiException Reset password Resets password. Generates a one-time token (OTT) that you can use to reset a User's password. You can automatically email the OTT link to the User or return the OTT to the API caller and distribute using a custom flow. This operation transitions the User to the `RECOVERY` status. The User is then not able to sign in or initiate a forgot password flow until they complete the reset flow. This operation provides an option to delete all the User's sessions. However, if the request is made in the context of a session owned by the specified User, that session isn't cleared. > **Note:** You can also use this API to convert a User with the Okta Credential Provider to use a Federated Provider. After this conversion, the User can't directly sign in with a password. > To convert a federated User back to an Okta User, use the default API call. If an email address is associated with multiple Users, keep in mind the following to ensure a successful password recovery lookup: * Okta no longer includes deactivated Users in the lookup. * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses. If `sendEmail` is `false`, returns a link for the User to reset their password.- Parameters:
userId
- ID of an existing Okta user (required)sendEmail
- (required)revokeSessions
- Revokes all User sessions, except for the current session, if set to `true` (optional, default to false)- Returns:
- ResetPasswordToken
- Throws:
ApiException
- if fails to make API call
-
resetPassword
public ResetPasswordToken resetPassword(String userId, Boolean sendEmail, Boolean revokeSessions, Map<String, String> additionalHeaders) throws ApiExceptionReset password Resets password. Generates a one-time token (OTT) that you can use to reset a User's password. You can automatically email the OTT link to the User or return the OTT to the API caller and distribute using a custom flow. This operation transitions the User to the `RECOVERY` status. The User is then not able to sign in or initiate a forgot password flow until they complete the reset flow. This operation provides an option to delete all the User's sessions. However, if the request is made in the context of a session owned by the specified User, that session isn't cleared. > **Note:** You can also use this API to convert a User with the Okta Credential Provider to use a Federated Provider. After this conversion, the User can't directly sign in with a password. > To convert a federated User back to an Okta User, use the default API call. If an email address is associated with multiple Users, keep in mind the following to ensure a successful password recovery lookup: * Okta no longer includes deactivated Users in the lookup. * The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses. If `sendEmail` is `false`, returns a link for the User to reset their password.- Parameters:
userId
- ID of an existing Okta user (required)sendEmail
- (required)revokeSessions
- Revokes all User sessions, except for the current session, if set to `true` (optional, default to false)additionalHeaders
- additionalHeaders for this call- Returns:
- ResetPasswordToken
- Throws:
ApiException
- if fails to make API call
-
getObjectMapper
protected static com.fasterxml.jackson.databind.ObjectMapper getObjectMapper()
-