Skip to main content
A
ADickinson1-Visitor
1-Visitor
August 21, 2019
Solved

Is it possible to generate a user reset password token / link via rest api call ?

  • August 21, 2019
  • 1 reply
  • 2979 views

Hi All

 

I'm writing some Test Automation for Thingworx in Selenium Webdriver with the aim to completely automate some basic platform tests. Part of what I have been testing is the reset password functionality.  I can trigger the generation of emails to reset passwords via Unirest in java , but I still need access to an email address to get the tokens to carryout my testing .

 

Can the user password reset tokens / links be generated directly from the platform using the right credentials ?

 

If not, is there a process which can be followed to allow test automation to create reset password link to check that the correct password settings have been implemented on that part of the platform.

Best answer by Constantine

Hello,

 

My understanding is that the only thing you need to do is create an AppKey for this user programmatically and compose the correct URL, that's it. As soon as you reset the password, ThingWorx will automatically delete the AppKey.

 

Here's a service, which seems to emulate password reset behavior on 7.4. You'll have to run it as Administrator, passing username as parameter. I did not validate it with PTC, so use it on your own risk:

var tokenName = 'temp-' + generateGUID();
Resources["EntityServices"].CreateApplicationKey({ name: tokenName, user: username });
var tokenValue = ApplicationKeys[tokenName].GetKeyID();
var result = "http://URL/Thingworx/FormLogin/reset/APLLICATIONNAME?Summary=" + tokenValue + "&thingworx-form-userid=" + username;

 

Regards,
Constantine

1 reply

S
slangleyCommunity Manager
Support
August 21, 2019

Hi @ADickinson.

 

Have you looked at using the ChangePassword service?  Another option if you're using the Form login page allows you to add a change password link.

 

Please let us know if you have further questions.

 

Regards.

 

--Sharon

A
ADickinson1-VisitorAuthor
1-Visitor
August 22, 2019

Hi @slangley 

 

Thanks for replying to me so quickly. I Have discussed this service with our developers and I'm not sure if I was clear in what I was asking before, but it might just be my experience with the platform so please bare with me if i haven't understood your reply correctly.

 

When i carryout a password reset on my automation test account the email i get back has a link in that looks like this :-

 

https://URL/Thingworx/FormLogin/reset/APLLICATIONNAME?Summary=429e948f-39e2-4104-bad6-cf95b476ecba&thingworx-form-userid=USERNAME

 

What I would like to know if its it possible to generate the reset passord token from an api call or externally to Thingworx in a script i can automate.

 

From talking to my college we weren't sure if that can be done with the change password service. Is this correct or have i misunderstood your reply ?

C
Constantine18-OpalAnswer
18-Opal
August 26, 2019

Hello,

 

My understanding is that the only thing you need to do is create an AppKey for this user programmatically and compose the correct URL, that's it. As soon as you reset the password, ThingWorx will automatically delete the AppKey.

 

Here's a service, which seems to emulate password reset behavior on 7.4. You'll have to run it as Administrator, passing username as parameter. I did not validate it with PTC, so use it on your own risk:

var tokenName = 'temp-' + generateGUID();
Resources["EntityServices"].CreateApplicationKey({ name: tokenName, user: username });
var tokenValue = ApplicationKeys[tokenName].GetKeyID();
var result = "http://URL/Thingworx/FormLogin/reset/APLLICATIONNAME?Summary=" + tokenValue + "&thingworx-form-userid=" + username;

 

Regards,
Constantine

Terms & ConditionsAccessibility statement