REST API for OTP Forgot Password in Oracle Access Manager

Get the configuration for otpforgotpassword

get

/iam/admin/access/api/v1/config/otpforgotpassword

This REST API tells whether otpforgotpassword feature is enabled in OAM and whether the default login page has the link to the forgot password page. It also mentions the exact forgotpassword page url.

Request

There are no request parameters for this operation.

Response

Supported Media Types

application/json

200 Response

The OTP forgot password configuration is retrieved successfully

Root Schema : ConfigureForgotPasswordLinkResponse

Type: object

Show Source

customWebRoot: string

This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion.
displayOTPForgotPasswordLink: boolean

Whether to show the OTP forgot password link on OAM or not. If its specified as false, the value for the forgotPasswordURL is not used and the link is not showed on the OAM default login page.
errorLevel: string

This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external.
forgotPasswordURL: string

This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server
mode: string

This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3)userselectchallenge -- otp will be sent to user, based on user selecting one of masked display challenges. 4)userchoose -- otp will be sent to user, based on selection of email or sms keywords. 5)totp -- time based otp generated in user's device.

{
    "type":"object",
    "properties":{
        "displayOTPForgotPasswordLink":{
            "type":"boolean",
            "description":"Whether to show the OTP forgot password link on OAM or not. If its specified as false, the value for the forgotPasswordURL is not used and the link is not showed on the OAM default login page."
        },
        "forgotPasswordURL":{
            "type":"string",
            "description":"This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server"
        },
        "mode":{
            "type":"string",
            "description":"This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3)userselectchallenge -- otp will be sent to user, based on user selecting one of  masked display challenges. 4)userchoose -- otp will be sent to user, based on selection of email or  sms keywords. 5)totp -- time based otp generated in user's device."
        },
        "errorLevel":{
            "type":"string",
            "description":"This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external."
        },
        "customWebRoot":{
            "type":"string",
            "description":"This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion. "
        }
    }
}

401 Response

Unauthorized

500 Response

Internal Server Error

Examples

This example demonstrates the method of querying whether otpforgotpassword feature is enabled in OAM. It also mentions the exact forgotpassword page url.

Example of the Response Headers

curl -X GET http://hostname:port/oam/services/rest/access/api/v1/config/otpforgotpassword/ -H 'authorization: Basic d2VibG9naWM6d2VsY29tZTE=' -H 'content-type: application/json'

Example of the Response Body

The following example shows the contents of the response body.

{
"customWebRoot":"SampleLoginWAR","displayOTPForgotPasswordLink":true,
"errorLevelInternal":true,"forgotPasswordURL":"/SampleLoginWAR/pages/otpforgotpassword.jsp","mode":"userselectchallenge"
}