Skip to main content

I’ve looked through the API docs and I wasn’t able to find anything related to user lifecycle.  While PagerDuty supports SCIM (and we’re exploring this) as well as SSO auth (also something we’re looking to configure) I’d sort of think that if there’s an endpoint to create users, kill existing login sessions, and remove users that there might also be an API to reset a password.  Am I just missing this, or is there no way to reset account passwords via the API?

Hi @aporlebeke, thank you for this question! 

There’s currently no way to reset account passwords via the API. 

Just curious, what would be the use case for this? Bulk reset for security purposes, so you wouldn’t have to wait for each individual reset? 

Have a nice day!


@lupimiguel the use case is for individual account resets. We're not in a position to disable username/password auth even though we've already enabled SSO auth. In a situation where we need / want to lockdown an account we have the ability to clear PagerDuty sessions and our upstream IdP, but not also reset a password.

 

Ideally, we'd have an API endpoint which we could optionally specify whether we wanted an email to be generated to the user to set a new password or not, and if not potentially prevent a user from being able to go through the forgot password flow.

 

Fwiw, this is really only an issue for us because we have no way to suspend / deactivate someone's PD account. You either have an account or you don't, and as a result when you have an account there's no way for us to really "lock it down" if needed without forcing SSO sign ins.


Reply