{ "swagger":"2.0", "info":{ "title":"REST API for OTP Forgot Password in Oracle Access Manager", "description":"The Oracle Access Manager OTP based forgot password REST API helps you to create and validate the OTP for users through the OTP forgotpassword link on OAM login", "version":"2025.02.19", "x-summary":"The Oracle Access Manager OTP based forgot password REST API helps you to create and validate the OTP for users through the OTP forgotpassword link on OAM login" }, "schemes":[ "https" ], "basePath":"/iam/admin/access/api/v1/config", "produces":[ "application/json" ], "paths":{ "/otpforgotpassword":{ "get":{ "summary":"Get the configuration for otpforgotpassword", "description":"This REST API tells whether otpforgotpassword feature\nis enabled in OAM and whether the default login page has the link to the forgot password page. It also mentions the exact forgotpassword page url.", "tags":[ "OTPForgotPasswordConfig" ], "responses":{ "200":{ "description":"The OTP forgot password configuration is retrieved successfully", "schema":{ "$ref":"#/definitions/ConfigureForgotPasswordLinkResponse" } }, "401":{ "description":"Unauthorized" }, "500":{ "description":"Internal Server Error" } }, "x-internal-id":"otpforgotpassword-get", "x-filename-id":"otpforgotpassword-get" }, "put":{ "summary":"Update the configuration for otpforgotpassword", "description":"This REST API tells lets admin configure otpforgotpassword feature in OAM and whether the default login page has the link to the forgot password page. It also has the exact forgotpassword page url. Note that to enable this feature the OAAM needs to be enabled in OAM", "parameters":[ { "in":"body", "name":"body", "description":"The configuration for forgotpassword link request object", "required":true, "schema":{ "$ref":"#/definitions/ConfigureForgotPasswordLinkRequest" } } ], "tags":[ "OTPForgotPasswordConfig" ], "responses":{ "200":{ "description":"The OTP forgot password configuration is updated successfully", "schema":{ "$ref":"#/definitions/ConfigureForgotPasswordLinkResponse" } }, "401":{ "description":"Unauthorized" }, "500":{ "description":"Internal Server Error" } }, "x-internal-id":"otpforgotpassword-put", "x-filename-id":"otpforgotpassword-put" } } }, "definitions":{ "ConfigureForgotPasswordLinkRequest":{ "type":"object", "properties":{ "displayOTPForgotPassworLink":{ "type":"boolean", "description":"Whether to show the OTP forgot password link on OAM or not. If its specified as false, all the other values in the request object are ignored." }, "defaultOTPForgotPasswordLink":{ "type":"boolean", "description":"Whether to use OOTB default OTP forgot password page for user to change his password. f this is specified as true, then the next forgotpasswordURL value is ignored." }, "localtoOAMServer":{ "type":"boolean", "description":"whether the forgot password URL is local to OAM server or at a different location." }, "forgotPasswordURL":{ "type":"string", "description":"This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server" }, "mode":{ "type":"string", "description":"This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3) userselectchallenge -- otp will be sent to user, based on user selecting one of masked display challenges. 4) userchoose -- otp will be sent to user, based on selection of email or sms keywords. 5)totp -- time based otp coming from application installed on user's device" }, "errorLevel":{ "type":"string", "description":"This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external and default value is internal." }, "customWebRoot":{ "type":"string", "description":"This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion. " } } }, "ConfigureForgotPasswordLinkResponse":{ "type":"object", "properties":{ "displayOTPForgotPasswordLink":{ "type":"boolean", "description":"Whether to show the OTP forgot password link on OAM or not. If its specified as false, the value for the forgotPasswordURL is not used and the link is not showed on the OAM default login page." }, "forgotPasswordURL":{ "type":"string", "description":"This is the exact URL that the user will be taken to for changing his password. It can be local to OAM server" }, "mode":{ "type":"string", "description":"This descibes the mode in which the otpchangepassword app will be presented to the user. The valid list of values are 1)email -- otp will be sent to the user's mail. 2)sms -- otp will be sent to user's mobile via sms. 3)userselectchallenge -- otp will be sent to user, based on user selecting one of masked display challenges. 4)userchoose -- otp will be sent to user, based on selection of email or sms keywords. 5)totp -- time based otp generated in user's device." }, "errorLevel":{ "type":"string", "description":"This is the error level of the error that will be displayed to the user. Internal error level shows a detailed message to the end user. Valid values are internal and external." }, "customWebRoot":{ "type":"string", "description":"This is the url path of the custom web pages deployed for look and feel changes for the otp forgot password applicaion. " } } } }, "tags":[ { "name":"OTPForgotPasswordConfig", "description":"The operations from the OTPForgotPasswordConfig category." } ] }