Update password after login

Currently, we are looking into implementing the change password feature (change password flow gets invoked for a logged in user).

We are using the below code to update password after login

var options = { method: ‘PATCH’, url: ‘https://YOUR_DOMAIN/api/v2/users/USER_ID’, headers: {‘content-type’: ‘application/json’}, data: {password: ‘NEW_PASSWORD’, connection: ‘Username-Password-Authentication’} };

But we are getting the below given error

data: { statusCode: 403, error: ‘Forbidden’, message: ‘You cannot update the following fields: password, connection’, errorCode: ‘insufficient_scope’ }

The access token you are using for the management API doesn’t have the right scope. It needs the update:users scope.

John

1 Like