cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Need to share some code when posting a question or reply? Make sure to use the "Insert code sample" menu option. Learn more! X

API for updated LDAP authentication Principal Name password

Daniel_KCC
2-Guest
2-Guest
‎Jul 16, 2022 10:43 AM
‎Jul 16, 2022 10:43 AM

API for updated LDAP authentication Principal Name password

Hi folks,

 

We have a thingworx instance per mill (around 70)... On the FactoraWindowsAuthenticator service we have defined the AD user to connect to LDAP to validate operators logins. these users (one per mill) has its password expired every couple of months, so every time somebody need to logon to thingworx composer and update the password (see image attached)

 

So we were looking a way to update via APIs to be triggered by a BOT, I found in this link (https://support.ptc.com/help/thingworx_hc/javadoc_8/)

 

Class: com.thingworx.security.authentication.Authenticator

Method:  setCredentials

 

A) Im not sure if this is the correct method to update principal name password

B) If it is, I'm not sure how to call it.. I've been trying to do some test from postman without luck.

 

anyone looking for the same and that came across same requirement?

 

 

Labels:
Preview file
151 KB
0 Kudos
Notify Moderator
1 REPLY 1
slangley
23-Emerald II
23-Emerald II
(To:Daniel_KCC)
‎Jul 21, 2022 11:38 AM
‎Jul 21, 2022 11:38 AM

Hi @DS_10150612.

 

Is it possible for you to set up the Administrator account as a service account that isn't susceptible to the global password expiration policy in your authenticator?  Have you considered using another authentication method that isn't susceptible to this, such as SSO?

 

The API update method would be more susceptible to security violations, so it's not recommended.

 

Regards.

 

--Sharon

Notify Moderator
Top Tags