SAP Knowledge Base Article - Public

3335403 - After reseting an user password in IAS I am still unable to perform API calls

Symptom

When implementing the Identity Authentication Service (IAS) and attempting to reset the password for your API user,

you notice that the password reset has no effect on the oData call.

Environment

  • SAP SuccessFactors HCM Suite
    • Identity Authentication Service

Reproducing the Issue

  1. go to IAS
  2. navigate to Users and Authorizations
  3. select the desired user
  4. select the Authentication tab
  5. set a new password for the user
  6. then trigger an API call and you'll receive a 401
  7. now try to trigger the same API call with the old password and notice that it will work

Cause

Expected Behavior.

With regards to successfactors APIs, the authentication does not look at the IAS module, this means that regardless of the password that you have defined in IAS, this will not be considered in the API call.

Resolution

To correctly reset a user password for API purposes, please follow the steps below:

  1. Log in to your SuccessFactors instance.
  2. In the Admin Center, search for "Reset User Password."
  3. Search for your API user.
  4. Define the desired password and change it.

NOTE: The password reset within SuccessFactors does not affect the password in IAS and vice versa. This means that if a user is already using one password to log in to SuccessFactors and you need to reset this for API purposes, you can do so without any risk of impacting the user's ability to log in. Similarly, if you want to change the login password in SuccessFactors to be different from the API password for the same user, you can reset the password in IAS without any risk of impacting your integrations. 

Keywords

401, IAS, LGN0015, incorrect username or password, Identity Authentication Service, user password reset,  , KBA , LOD-SF-INT-ODATA , OData API Framework , Problem

Product

SAP SuccessFactors HCM Suite all versions