Overview
The Change Password API (POST /dbconnections/change_password ) requires the ‘connection’ parameter This article explains the purpose of this parameter and whether it can be used for Enterprise connections.
Applies To
- dbconnections/change_password
- Change password API
Solution
As mentioned in the link below, this endpoint will only work for database-type connections:
Auth0 does not control or store the user credentials that exist on Enterprise or Social connections.
- These users are managed by the third-party Identity Provider (IdP_ the connection is pointed at, such as Azure Active Directory (AD).
- An Enterprise or Social connection user must change their password via the relevant IdP processes. The Enterprise or Social IdP is the “source of truth” in this configuration.
If the wrong connection type is attempted to be used with this endpoint, the below error response will be seen:
{ “error”: “Specified connection is not supported for this operation” }
- The endpoint can distinguish between connection types but will only work with Database connections.
- The connection parameter is required as it is possible to have multiple Database connections on a tenant, and an email address may not be unique across those database connections. Therefore, an email address input alone cannot be used to locate the user reliably.