Details
-
Suggestion
-
Status: Under Consideration (View Workflow)
-
Resolution: Unresolved
-
None
Description
As a REST client, if I want to invalidate the current password of a user so the user cannot use it anymore and is forced to reset it, then I have to generate a random password string, which may or may not match the current password policy.
I'd prefer to have a REST API to invalidate a user's password that is guaranteed to succeed, not matter which password policy has been set.
Attachments
Issue Links
- relates to
-
CWD-3332 Allow forcing a password reset for all users
- Gathering Interest