Jump to content

Set User Account Password


Recommended Posts

Is there a method to set a user's account password using the API? I'm scripting a user account creation process and this is the one aspect I haven't managed to figure out. Looking at the schemas, there's no property that looks like it would do it. Sending an invitation email seems like the best route but it's not our current manual method and I'd rather not change it if possible.

I'm working with the rest api endpoint using powershell if that's relevant. I don't believe it leaves me without any features of the api clients.

Link to comment
Share on other sites

Hi, @roxburn!

Unfortunately, you can't currently set a user's password via the API. You can invite a user[1], or reset their password (they get a reset email and get to choose their new password), but you can't provide the password yourself.

Alternatively, depending on your ftrack license, you can also configure Single Sign-On via SAML[2]. This would allow you to entirely bypass the need to have your own custom user synchronization tools.

In the short term I can share your use case with our product team but the above are your current options.


[1] https://ftrack-python-api.readthedocs.io/en/latest/example/invite_user.html
[2] https://help.ftrack.com/en/articles/1430063-single-sign-on-via-saml

Link to comment
Share on other sites

Thank you very much for the answer Patrick. We're not quite at the point where we can implement SSO so that's where I'm left trying to automate old manual processes.

Is the reset password action the same as invite user? I don't see a different one in the docs. I think it could be useful in the future for me.

Link to comment
Share on other sites

I understand the situation you're in. Sorry I don't have better news for you.

In regards to the password reset, here's how you can initiate that from the API:

Just change `api_key` in that example to `password` and it should initiate the password reset for you.

Link to comment
Share on other sites

My above statement was incomplete.

The backend currently supports _changing_ a password, not initiating a password reset flow.

The process of changing a password requires the previous password. Here is how you would proceed:

payload = {
    'action': 'reset_remote',
    'reset_type': 'password',
    'entity_type': 'User',
    'entity_key': some_user_id,
    'entity_data': {
        'old_password': current_password,
        'new_password': new_password

The above is currently undocumented and not officially supported. Your mileage may vary. I'll be seeing with colleagues if we want to edit the Python API to better support this in the API or extend this to initiating a reset flow.

Link to comment
Share on other sites

Thanks a lot Patrick, I can see where this would be useful. It would satisfy my requirements if I could find out what the default password is for new accounts that haven't set one yet. I assumed it would be null or an empty string but they both returned as the wrong password. Unless you happen to know what it is it looks like I'll still have to go with the invitation route.

Link to comment
Share on other sites

For security purposes, when a user is newly created and the invite flow has been initiated (i.e. the password was not manually set for them via the UI), the password is randomly generated and nobody knows it. This means only the user can log in after having gone through the invite flow and having reset their password.

I've submitted a request for feature enhancement regarding programmatic management of passwords and user provisioning to our product team on your behalf.

Edited by Patrick Boucher
Added the feature request after this reply.
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...