Skip to main content
Star OpenZiti on GitHub Star

Password Management

For identities using username password (UPDB) authenticators the following actions are supported:

  • administrative password resets
  • client initiated password rotation

Administrative Password reset

Passwords may be reset via the Edge Management API by an administrative client.

OpenZiti CLI

ziti edge update authenticator updb --identity <identityIdOrName> -p <newPassword>

Management API

PUT /edge/management/v1/authenticators/<id>

{
    "password": "<new-password>"
}

Client Password change

Passwords may be reset via the Edge Management API or Edge Client API by the currently authenticated client.

OpenZiti CLI

ziti edge update authenticator updb -c <currentPassword> -n <newPassword>

Client or Management API

PUT /edge/client/v1/current-identity/authenticators/<id>

{
    "currentPassword": "<current-password>",
    "password": "<new-password>"
}