Back to Collection Items
; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
$oHttp = ObjCreate("Chilkat.Http")
Local $bSuccess
; Use this online tool to generate code from sample JSON: Generate Code to Create JSON
; The following JSON is sent in the request body.
; {
; "username": "<username>",
; "newpassword": "<new password>",
; "otp": "<OTP sent ot end user>"
; }
$oJson = ObjCreate("Chilkat.JsonObject")
$oJson.UpdateString("username","<username>")
$oJson.UpdateString("newpassword","<new password>")
$oJson.UpdateString("otp","<OTP sent ot end user>")
Local $oResp = $oHttp.PostJson3("https://login.salesforce.com{{site}}/services/auth/headless/forgot_password","application/json",$oJson)
If ($oHttp.LastMethodSuccess = False) Then
ConsoleWrite($oHttp.LastErrorText & @CRLF)
Exit
EndIf
ConsoleWrite($oResp.StatusCode & @CRLF)
ConsoleWrite($oResp.BodyStr & @CRLF)
Curl Command
curl -X POST
-d '{
"username": "<username>",
"newpassword": "<new password>",
"otp": "<OTP sent ot end user>"
}'
https://login.salesforce.com{{site}}/services/auth/headless/forgot_password
Postman Collection Item JSON
{
"name": "Forgot Password - Change Password",
"protocolProfileBehavior": {
"disabledSystemHeaders": {
"accept": true,
"accept-encoding": true,
"connection": true,
"user-agent": true
}
},
"request": {
"auth": {
"type": "noauth"
},
"method": "POST",
"header": [
],
"body": {
"mode": "raw",
"raw": "{\n \"username\": \"<username>\",\n \"newpassword\": \"<new password>\",\n \"otp\": \"<OTP sent ot end user>\"\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{url}}{{site}}/services/auth/headless/forgot_password",
"host": [
"{{url}}{{site}}"
],
"path": [
"services",
"auth",
"headless",
"forgot_password"
]
},
"description": "Forgot Password/Change Password is a two step process:\nIn the first step you pass a username and recaptcha token into the endpoint. Salesforce then sends an OPT to the end user. In the second step you collect that OTP from the end user, confirming that they do own the email associated to the user, and the new password. This call is the second step in that process."
},
"response": [
]
}