Enforce password reset on api requests
Manage how the password reset functionality operates on your instance.
When a user is marked for Password needs reset they must provide a new password at the next authentication attempt. The glide.authenticate.api.user.reset_password.mandatory system property controls whether the password reset is mandatory before making API calls. If glide.authenticate.api.user.reset_password.mandatory isn't set to the recommended value of true, then user accounts marked as Password needs reset can still perform most common operations by querying the table API through basic authentication.
Ensure the property glide.authenticate.api.user.reset_password.mandatory is set to true.
More information
| Attribute | Description |
|---|---|
| Configuration name | glide.authenticate.api.user.reset_password.mandatory |
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type | Boolean |
| Recommended value | true |
| Default value | <none> |
| Fallback value | false |
| Category | Session management |
| Security risk |
|
| Dependencies and prerequisites | None |