Symptom
You have implemented IAS and you are trying to reset the user password for your API user.
When you do this, you are noticing that the password reset is not taking any effect on the odata call.
Environment
- You have implemented IAS
- Your user is an API user
Reproducing the Issue
- go to IAS
- navigate to Users and Authorizations
- select the desired user
- select the Authentication tab
- set a new password for the user
- then trigger an API call and you'll receive a 401
- now try to trigger the same API call with the old password and notice that it will work
Cause
Expected Behavior.
With regards to successfactors APIs, the authentication does not look at the IAS module, this means that regardless of the password that you have defined in IAS, this will not be considered in the API call.
Resolution
To correctly reset a user password for API purposes please follow the steps below:
- login to your SuccessFactors instance
- in Admin Center, search by Reset User Password
- then search your API user
- define the desired password and change it
NOTE: The password reset inside successfactors does not affect the password in IAS and vice versa, this means that if a user is already used to login in SFSF with one password and you need to reset this for API purposes, you can do this without any risk of impacting the capacity of the user to login, in the same way, if you want to change the password to login in SFSF to be different from the API password for the same user, you can reset the password in IAS without any risk of impacting your integrations.
Keywords
401, IAS, LGN0015, incorrect username or password , KBA , LOD-SF-INT-ODATA , OData API Framework , Problem