diff --git a/README.md b/README.md index 67ee6a3..ec4ef0b 100644 --- a/README.md +++ b/README.md @@ -616,13 +616,15 @@ end #### Set or Expire User Password -You can set or expire a user's password. -Note: When setting a password, it will automatically be set as expired. -The user will not be able log-in using an expired password, and will be required replace it on next login. +You can set a new active password for a user, which they can then use to sign in. You can also set a temporary +password that the user will be forced to change on the next login. ```ruby +# Set a user's temporary password +descope_client.set_temporary_password(login_id: '', password: ''); + # Set a user's password -descope_client.set_password(login_id: '', password: ''); +descope_client.set_active_password(login_id: '', password: ''); # Or alternatively, expire a user password descope_client.expire_password('') diff --git a/lib/descope/api/v1/management/common.rb b/lib/descope/api/v1/management/common.rb index 03e0097..2479285 100644 --- a/lib/descope/api/v1/management/common.rb +++ b/lib/descope/api/v1/management/common.rb @@ -34,6 +34,8 @@ module Common USER_UPDATE_CUSTOM_ATTRIBUTE_PATH = '/v1/mgmt/user/update/customAttribute' USER_ADD_ROLE_PATH = '/v1/mgmt/user/update/role/add' USER_REMOVE_ROLE_PATH = '/v1/mgmt/user/update/role/remove' + USER_SET_TEMPORARY_PASSWORD_PATH = '/v1/mgmt/user/password/set/temporary' + USER_SET_ACTIVE_PASSWORD_PATH = '/v1/mgmt/user/password/set/active' USER_SET_PASSWORD_PATH = '/v1/mgmt/user/password/set' USER_EXPIRE_PASSWORD_PATH = '/v1/mgmt/user/password/expire' USER_ADD_TENANT_PATH = '/v1/mgmt/user/update/tenant/add' diff --git a/lib/descope/api/v1/management/user.rb b/lib/descope/api/v1/management/user.rb index 33791e0..0110bd0 100644 --- a/lib/descope/api/v1/management/user.rb +++ b/lib/descope/api/v1/management/user.rb @@ -385,6 +385,23 @@ def user_remove_tenant_roles(login_id: nil, tenant_id: nil, role_names: []) post(Common::USER_REMOVE_TENANT_PATH, body) end + def set_temporary_password(login_id: nil, password: nil) + body = { + loginId: login_id, + password: + } + post(Common::USER_SET_TEMPORARY_PASSWORD_PATH, body) + end + + def set_active_password(login_id: nil, password: nil) + body = { + loginId: login_id, + password: + } + post(Common::USER_SET_ACTIVE_PASSWORD_PATH, body) + end + + # Deprecated (use set_temporary_password(..) instead) def set_password(login_id: nil, password: nil) body = { loginId: login_id, diff --git a/spec/lib.descope/api/v1/management/user_spec.rb b/spec/lib.descope/api/v1/management/user_spec.rb index 4f59ba1..8ed1676 100644 --- a/spec/lib.descope/api/v1/management/user_spec.rb +++ b/spec/lib.descope/api/v1/management/user_spec.rb @@ -548,6 +548,46 @@ end end + context '.set_temporary_password' do + it 'is expected to respond to a set_temporary_password method' do + expect(@instance).to respond_to(:set_temporary_password) + + expect(@instance).to receive(:post).with( + USER_SET_TEMPORARY_PASSWORD_PATH, { + loginId: 'someone@example.com', + password: 's3cr3t' + } + ) + + expect do + @instance.set_temporary_password( + login_id: 'someone@example.com', + password: 's3cr3t' + ) + end.not_to raise_error + end + end + + context '.set_active_password' do + it 'is expected to respond to a set_active_password method' do + expect(@instance).to respond_to(:set_active_password) + + expect(@instance).to receive(:post).with( + USER_SET_ACTIVE_PASSWORD_PATH, { + loginId: 'someone@example.com', + password: 's3cr3t' + } + ) + + expect do + @instance.set_active_password( + login_id: 'someone@example.com', + password: 's3cr3t' + ) + end.not_to raise_error + end + end + context '.set_password' do it 'is expected to respond to a set_password method' do expect(@instance).to respond_to(:set_password)