I am working on a java client that links the UAA-API with my java controller. I have been facing issues in implementing the Password change functionality. Even with Postman I am unable to get the desired result.
Following is how I am making the request: My API Endpoint is:
https://2bcddc1b-01be-4d79-a2c4-ee583984f538.predix-uaa.run.aws-usw02-pr.ice.predix.io/Users/8f47875b-a1c8-47d4-bdde-79eb178eaed8/password
Following are the headers:
Content-Type: application/json
Authorization: Bearer <user-access-token-generated after login>
Pragma: no-cache
Everytime i make a request it gives the following response:
{
"error": "access_denied",
"error_description": "Invalid token does not contain resource id (password)"
}
This is the API:
https://github.com/cloudfoundry/uaa/blob/master/docs/UAA-APIs.rst#change-password-put-users-id-password
The endpoint requires password.write scope.
An access token contains scopes. In order for the access token to contain the password.write scope, both the client and the user have to have the password.write scope
password.write is a default user scope - all users have it
In your case, the client that received the token, does NOT have password.write, so you access token will not have it either.