Enforce password reset on api requests

Release version: Australia

Updated March 12, 2026

1 minute to read

Manage how the password reset functionality operates on your instance.

When a user is marked for Password needs reset they must provide a new password at the next authentication attempt. The glide.authenticate.api.user.reset_password.mandatory system property controls whether the password reset is mandatory before making API calls. If glide.authenticate.api.user.reset_password.mandatory isn't set to the recommended value of true, then user accounts marked as Password needs reset can still perform most common operations by querying the table API through basic authentication.

Ensure the property glide.authenticate.api.user.reset_password.mandatory is set to true.

More information


Attribute	Description
Configuration name	glide.authenticate.api.user.reset_password.mandatory
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	true
Default value	<none>
Fallback value	false
Category	Session management
Security risk	Severity score: 8.1 CVSS score: High Security risk details: This could allow information disclosure in the event that stale accounts are compromised.
Dependencies and prerequisites	None