Change your password

Changes a user’s password. You must provide the login name and current password or API key of the user whose password is to be updated in an HTTP Basic Authentication header. Also replaces the user’s API key with a new securely generated random value. You can fetch the new API key by using Login.

Your HTTP/REST client probably provides HTTP basic authentication support. For example, curl and all of the Conjur client libraries provide this.

Machine roles (Hosts) do not have passwords. They authenticate using their API keys, while passwords are only used by human users.

URI

PUT /authn/{account}/password

Example with curl

Change the password of user alice from “Mypassw0rD1!” to “Mypassw0rD2!”:

curl --verbose \
     --request PUT --data Mypassw0rD2\! \
     --user alice:Mypassw0rD1\! \
     https://eval.conjur.org/authn/myorg/password

To verify the name change, run the same command again. This time the command should fail because the password has changed.

Headers

Field	Description	Example
Authorization	Conjur access token	Token token=“eyJkYX…Rhb=”

Request Body

The new password in the example is “@Sup3rS3cr3t@”.

Response

Code	Description
204	The password has been changed
401	The request lacks valid authentication credentials
404	User not found
422	A request parameter was missing or invalid

Example URI

PUT /authn/myorg/password

URI Parameters

Parameter	Type	Mandatory	Description
account	String	Yes	Organization account name Example: `myorg`

Parameter

Type

Mandatory

Description

account

String

Yes

Organization account name

Example: myorg

Request

Headers

Content-Type: text/plain
Authorization: Basic Ym9iOjlwOG5mc2RhZmJw

Body

@Sup3rS3cr3t@