Hey Everyone!
I have an integration running on an instance that has introduced a password expiration policy.
In the past, I could get around this by using the /me/password (PUT) endpoint, which would update the password and would also update the "password_last_updated" field regularly. This "password_last_updated" entry would determine whether the password was expired or not.
Password expiration is now handled by Sugar Identity and the "password_last_updated" field is no longer used. (so no questionable sql update query on our user's record would work either)
The /me/password (PUT) endpoint no longer works with Sugar Identity.
{
"old_password" : "-password-",
"new_password" : "-password-"
}
This is the response I get:
{
"valid": false,
"message": "Error: Incorrect password."
}
This is false, even though the password here was also used to get the token for this call. I can only assume that this is because of changes linked to the enabling of Sugar Identity.
Is there a way to work around this, other than changing a Sugar Identity password regularly or changing the password policy?
Thanks!