Password Change
Password Change Web Service
WARNING
- The password that is included in the envelope is temporary – Changing the password is mandatory before first use.
- Sending of the ‘Nonce’ value in the ChangePassword request is mandatory – you will need a token device to generate OTP.
Please, take account into
- Passwords in the TBC system have an expiration period. After expiration, the password must be changed.
- During the Change of Password (operation ChangePassword) Digipass Code is required in any case;
User can change password only to himself (the username and password in soap header will be used for identifying the user whose password is going to be changed). For an example of a request for changing password see Example 2.
Interface Specification
Change Password Request object
Attribute | Type | Description |
---|---|---|
New Password | String | PASSWORD compliance with the password policy |
Change Password Response object
Attribute | Type | Description |
---|---|---|
Message | String | Informative message returns response text |
Password Policy:
The new password must meet the minimum requirements:
- At least 8 characters long;
- English upper case letters (A through Z);
- English lowercase letters (a through z);
- numerals (0 through 9);
- non-alphabetic characters;
Please note
XML Special character - "&" (ampersand) and "<" (less than) can not be used in the password.
Password must not be the same like username and password must not be the same as current (already
used) password.
In case the user is blocked, password change is not allowed:
In case of sending requests with incorrect credentials several times, user will be temporarily blocked. The user will be unblocked automatically after a specified time or can be unblocked by personal banker upon request.
Security protocol
TLS 1.2 will be required by TBC DBI server.
Example 1: Fault Response In Case That Client User Needs To Change The Password
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <s:Header/> <s:Body> <s:Fault> <faultcode xmlns:a="http://www.mygemini.com/schemas/mygemini">a:CREDENTIALS_MUST_BE_CHANGED </faultcode> <faultstring xml:lang="en">Credentials have to be changed.</faultstring> </s:Fault> </s:Body> </s:Envelope>
Example 2: Change Password Request
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:myg="http://www.mygemini.com/schemas/mygemini"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<soapenv:Header>
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>USERNAME</wsse:Username>
<wsse:Password>CURRENT_PASSWORD</wsse:Password>
<wsse:Nonce>111111</wsse:Nonce>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<myg:ChangePasswordRequestIo>
<myg:newPassword>NEW_PASSWORD</myg:newPassword>
</myg:ChangePasswordRequestIo>
</soapenv:Body>
</soapenv:Envelope>
Example 3: Fault Response In Case Of User Inserts Incorrect UserName Or Password
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <s:Header/> <s:Body> <s:Fault> <faultcode xmlns:a="http://www.mygemini.com/schemas/mygemini">a:INCORRECT_CREDENTIALS </faultcode> <faultstring xml:lang="en">Username or Password is incorrect.</faultstring> </s:Fault> </s:Body> </s:Envelope>
Example 4: Fault Response In Case Of New Password Does Not Match Security Policies
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <s:Header/> <s:Body> <s:Fault> <faultcode xmlns:a="http://www.mygemini.com/schemas/mygemini">a:SECURITY_POLICIES_NOT_MET </faultcode> <faultstring xml:lang="en">New password does not match security policies</faultstring> </s:Fault> </s:Body> </s:Envelope>
Example 5: Success Response
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns2="http://www.mygemini.com/schemas/mygemini"> <SOAP-ENV:Header/> <SOAP-ENV:Body> <ns2:ChangePasswordResponseIo xmlns:i="http://www.w3.org/2001/XMLSchema-instance"> <ns2:message>Credentials have been successfully changed!</ns2:message> </ns2:ChangePasswordResponseIo> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
Updated 8 months ago