Password Change Web Service

❗️

WARNING

• The password that is included in the envelope is temporary – Changing the password is mandatory before first use.
• Sending of the ‘Nonce’ value in the ChangePassword request is mandatory – you will need a token device to generate OTP.

📘

Please, take account into

• Passwords in the TBC system have an expiration period. After expiration, the password must be changed.
• During the Change of Password (operation ChangePassword) Digipass Code is required in any case;

User can change password only to himself (the username and password in soap header will be used for identifying the user whose password is going to be changed). For an example of a request for changing password see Example 2.

Interface Specification

Change Password Request object

Change Password Response object

Password Policy:

The new password must meet the minimum requirements:

• At least 8 characters long;
• English upper case letters (A through Z);
• English lowercase letters (a through z);
• numerals (0 through 9);
• non-alphabetic characters;

🚧

Please note

XML Special character - "&" (ampersand) and "<" (less than) can not be used in the password.

Password must not be the same like username and password must not be the same as current (already
used) password.

In case the user is blocked, password change is not allowed:

In case of sending requests with incorrect credentials several times, user will be temporarily blocked. The user will be unblocked automatically after a specified time or can be unblocked by personal banker upon request.

📘

Security protocol

TLS 1.2 will be required by TBC DBI server.

❗️

Example 1: Fault Response In Case That Client User Needs To Change The Password

XML

<s:Envelope
	xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
	<s:Header/>
	<s:Body>
		<s:Fault>
			<faultcode
				xmlns:a="http://www.mygemini.com/schemas/mygemini">a:CREDENTIALS_MUST_BE_CHANGED
			</faultcode>
			<faultstring xml:lang="en">Credentials have to be changed.</faultstring>
		</s:Fault>
	</s:Body>
</s:Envelope>

Example 2: Change Password Request

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:myg="http://www.mygemini.com/schemas/mygemini"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <soapenv:Header>
  <wsse:Security>
    <wsse:UsernameToken>
      <wsse:Username>USERNAME</wsse:Username>
      <wsse:Password>CURRENT_PASSWORD</wsse:Password>
      <wsse:Nonce>111111</wsse:Nonce>
    </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
    <myg:ChangePasswordRequestIo>
    <myg:newPassword>NEW_PASSWORD</myg:newPassword>
  </myg:ChangePasswordRequestIo>
  </soapenv:Body>
</soapenv:Envelope>

❗️

Example 3: Fault Response In Case Of User Inserts Incorrect UserName Or Password

XML

<s:Envelope
	xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
	<s:Header/>
	<s:Body>
		<s:Fault>
			<faultcode
				xmlns:a="http://www.mygemini.com/schemas/mygemini">a:INCORRECT_CREDENTIALS
			</faultcode>
			<faultstring xml:lang="en">Username or Password is incorrect.</faultstring>
		</s:Fault>
	</s:Body>
</s:Envelope>

❗️

Example 4: Fault Response In Case Of New Password Does Not Match Security Policies

XML

<s:Envelope
	xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
	<s:Header/>
	<s:Body>
		<s:Fault>
			<faultcode
				xmlns:a="http://www.mygemini.com/schemas/mygemini">a:SECURITY_POLICIES_NOT_MET
			</faultcode>
			<faultstring xml:lang="en">New password does not match security policies</faultstring>
		</s:Fault>
	</s:Body>
</s:Envelope>

👍

Example 5: Success Response

XML

<SOAP-ENV:Envelope
	xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
	xmlns:ns2="http://www.mygemini.com/schemas/mygemini">
	<SOAP-ENV:Header/>
	<SOAP-ENV:Body>
		<ns2:ChangePasswordResponseIo
			xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
			<ns2:message>Credentials have been successfully changed!</ns2:message>
		</ns2:ChangePasswordResponseIo>
	</SOAP-ENV:Body>
</SOAP-ENV:Envelope>