SAP Knowledge Base Article - Public

2223026 - How to override the default password while creating a new user using User entity in a SuccessFactors system

Symptom

While creating new users, a password must also be set to the user to log into the SuccessFactors system.

User entity provides the functionality to override the default password which is the username.

Environment

Successfactors BizX, API

Reproducing the Issue

There might be some issues while setting the password in the following scenarios:

1. From an SAP ERP On-Premise system to an SAP SuccessFactors system using RH_SFI_SYNCH_EMP_DATA report data is being upserted.

2. Any 3rd party system which sends the data to successfactors system through SFAPI entity User.

Resolution

Please check the below steps to check how to change the default passwords for User Entities:

1. We can use the inbuilt field password to override the default password.

Example :

<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
    <Body>
        <upsert xmlns="urn:sfobject.sfapi.successfactors.com">
           <type>User</type>
           <sfobject>
           <type>User</type>
           <status>active</status>
           <externalId>99831449659</externalId>
           <username>33855</username>
           <firstName>Rocky</firstName>
           <lastName>Example</lastName>
           <gender>M</gender>
           <email>xxx@test.com</email>
           <managerExternalId>NO_MANAGER</managerExternalId>
           <hrExternalId>NO_HR</hrExternalId>
           <department>SVCS</department>
           <jobCode>HR-ALYST</jobCode>
           <division>HC</division>
           <timeZone>America/Sao_Paulo</timeZone>
           <hireDate>2015-09-01</hireDate>
           <empId>24</empId>
           <title>Especialista II de Marketing e Comunic.</title>
           <businessPhone>-</businessPhone>
           <addressLine1>Av. Marechal Camara, 171 Lote 10 Quadra B</addressLine1>
           <addressLine2>Castelo</addressLine2>
           <city>Rio de Janeiro</city>
           <country>US</country>
           <zipCode>20020-901</zipCode>
           <lastReviewDate>2015-09-23</lastReviewDate>
           <defaultLocale>EN_US</defaultLocale>
           <dateOfBirth>1970-01-01</dateOfBirth>
           <dateOfPosition>2015-09-01</dateOfPosition>
           <password>abc124</password>
           </sfobject>
             <processingParam>
               <name>sendWelcomeMessage</name>
               <value>true</value>
             </processingParam>
        </upsert>
    </Body>
</Envelope>

2. We can use the defaultPassword processing parameter and it can be any of the following:

{USERNAME, externalId, EMAIL, FIRSTNAME, LASTNAME,RANDOM_PWD}

Example:

<processingParam>
     <name>defaultPasswordField</name> 
     <value>EXTERNALID</value> 
</processingParam>

This processing parameter creates password as field value passed in <value> tag.
Note : The first method suggested overrides the processing parameters if both are used


IMPORTANT:
Parameter values USERNAME, externalId, EMAIL, FIRSTNAME, and LASTNAME are unsafe password values. We recommend that you use system-generated random passwords (RANDOM_PWD) when creating users. You can enable the Use System Generated Password by Default option in Admin Center Platform Feature Settings to force all new and existing API requests to use system-generated random passwords except for the ones with values specified in the password field. Note that you need to review your existing API calls to make sure they continue to work after enabling the option. For additional details, please review defaultPasswordField in sections 6.7. Optional Business Processing Parameters and 6.13 Passwords of https://help.sap.com/doc/0bd2f6fea0154ac6aacd44f1cacbfc71/latest/en-US/SF_HCM_SFAPI_DEV.pdf 

See Also

  1. Customer Community post -> Changes to Default Password Generation Coming October 9, 2020 Weekend
  2. Partner Community post -> Proactive Partner Update - Default Password Generation Changes Coming October 9, 2020 Weekend
  3. KBA (Platform) -> 2932190 - Changes to Default Password Generation in BizX Users
  4. KBA (Employee Central) -> 2931642 - SAP SuccessFactors Employee Central: Default Password Generation
  5. Jam Group -> Changes to SAP SuccessFactors HXM Suite Default Password Generation
  6. KBA (INT) -> 2975404 - How to manage the security change to using random password generation on SuccessFactors APIs

Keywords

USERNAME, externalId, EMAIL, FIRSTNAME, LASTNAME,RANDOM_PWD, defaultPasswordfield, API, SFAPI, default password
, KBA , user entity password override , how to set default password for user , LOD-SF-INT-API , API & Adhoc API Framework , LOD-SF-INT , Integrations , LOD-SF-INT-ODATA , OData API Framework , LOD-SF-INT-CE , Compound Employee API , How To

Product

SAP SuccessFactors HCM Core all versions