UpdateMyPassword error "Password is empty"
Hello everyone,
I want to change the password of my user, but if I do so I get the error that the password is empty (see screenshot).
*OldPassword and NewPassword are not empty
I hope you can help me.

21 Replies
Hm, was the account initialised with a password (in other words: did someone ever log in to it)?
Hi @FFO, yes the user was initialized before and is active
In that case it is totally odd 😄
Does this happen on a self-hosted zitadel or in our cloud?
(asking because of the version)
it's self-hosted
hm @livio have you an idea why this could happen
as the server responds with a proper error it looks to me that API wise everything is in order
Because the user was imported with ImportHumanUser before, I thought maybe there was a problem with the import, but I tried the same with a newly created user too and it didn't work either.
hm what are the settings you use during import?
maybe this helps

but as I said, even with a new user it didn't work, so I don't think the problem is here.
yeah that makes sense
and you can log in with that user?
because looking at the code it looks like there is no PW set https://github.com/zitadel/zitadel/blob/19621acfd3d8cb1700d33416fb39d70e794e3e3f/internal/command/user_human_password.go#L100
yes I can log in normally and it has no problems with that
ahhhh, that might be
@boblack_zocker could it be that you send along a service user as auth header instead of the user's token?
because the auth api will always do CRUD as the user from the auth header
currently yes. I'm doing that:

on the management API you could use the https://zitadel.com/docs/apis/proto/management#sethumanpasswordrequest
I tried it with the user token too (Bearer token). But I got an audience error there.
Yes but the problem with that is that the old password is not checked and it doesn't really suit me. Is there a way to use this and check the old password?
I don't want the user to be able to change the password without knowing the old one.
So that you get an idea of this problem, here is a screenshot:

If you want to use the user's token towards the zitadel API you need to request the zitadel audience by this scope
urn:zitadel:iam:org:project:id:zitadel:aud
Just send this along during the authorization request and you should be able to access zitadel's APIs with the user's bearer token
Where do I have to send it along? Is it in the header or body and in what format?
Never mind I managed to add the scope to the access token 😁 Problem solved thanks a lot!
Sorry I was sleeping 😂
But anyhow good to see this is solved 👍