Set the password for a user who has a valid password request key
Set the password for a user who has an outstanding password request. A user with an outstanding password request will have an unused and unexpired password key. The password key is part of the url provided to the user in the email sent to the user with information on how to set their password. The email was generated by the SoftLayer_User_Customer::initiatePortalPasswordRequest request. Password recovery keys are valid for 24 hours after they’re generated.
If the user has required authentication methods as specified by in the SoftLayer_Container_User_Customer_PasswordSet container returned from the SoftLayer_User_Customer::getRequirementsForPasswordSet request, then additional requests must be made to processPasswordSetRequest to authenticate the user before changing the password. First, if the user has security questions set on their profile, they will be required to answer one of their questions correctly. Next, if the user has Verisign, Google Authentication, or Phone Factor on their account, they must authenticate according to the two-factor provider. All of this authentication is done using the SoftLayer_Container_User_Customer_PasswordSet container. If the user has Phone Factor authentication, additional requests to SoftLayer_User_Customer::checkPhoneFactorAuthenticationForPasswordSet is required until a response other than Awaiting Response is received.
User portal passwords must match the following restrictions. Portal passwords must…
|passwordSet||SoftLayer_Container_User_Customer_PasswordSet||A container with the information required for setting customer password|
|authenticationContainer||SoftLayer_Container_User_Customer_External_Binding||The authentication container with the external authentication information.|
Throws the exception “Invalid password recovery key” if no password recovery key was provided, the provided key was invalid, the key has expired, or the recovery key does not belong to this user.
Throws the exception “Your portal password must” followed by a list of violated password rules if the given password fails to match any of the above restrictions.
Throws the exception “Invalid value provided for Password” if no password is provided.
Throws the exception “Invalid answer provided for security question” if security question is not answered according to the user’s profile.
Throws the exception “Account has been locked for 30 minutes” if maximum number of attempts to set password has been reached.
Throws the exception “You must supply external authentication credentials to log in with this user” if external authentication security code is required and not provided.
Throws the exception “Time-based One Time Password authentication is required to log in with this user” if TOTP authentication is required and not provided.
Throws the exception “Phone-based authentication is required to log in with this user” if phone-based authentication is required and not provided.
Throws the exception “Waiting on the external authentication response” if phone-based authentication was requested.