1. Home
  2. LogonBox SSPR
  3. Business Rules
  4. Webhooks
  5. Using a Webhook to reset passwords

Using a Webhook to reset passwords

Can't find what you're looking for?
Request Supporthere

Ashley Grant 3 July, 2024

In our previous article, "What is a Webhook?" we discussed what Webhooks are and how they can be used within LogonBox to automate certain tasks and actions. In this article, we will now provide an example of creating and using a Webhook to reset passwords on user accounts.

To begin creating the Webhook, select the Create button.

 

In the Create Webhook window, we need to set a name and some basic details. The URL ID entry is used to identify which Webhook is being called, the URL Method determines which method is used to gather the information used, in this case we will select URL with Parameters, but you could also opt for sending the request via Json or a HTTP POST request (form).

 

 

Next, in the Parameters tab, we can define the required parameters. In this case, we only really need to send the username.

Click the + and type in username in the left column (the right column can be left blank, this is used for an option regular expression to validate the input).

 

On the Authentication tab, for security, it is recommended to add an IP address which you will allow the incoming webhook request to come from.

Add your IP and click +

Select Create to create the Webhook.

 

The Webhook has now been created and added to the list.

 

Select the + icon to the left of the entry to expand the Webhook and click the + in the Change Password box.

 

This opens a new window where we define what task to perform when we see the incoming request (Note: you may need to refresh your browser before clicking + for this new window to display correctly).

Give this new task a Name and set Triggers On to Success.

In Triggers Task, start typing Change Password and select it when it appears.

 

 

Select the Password tab, for Principal Name, click the ${} button and select a replacement that looks like ${event.webhook.123456.username} (the numbers will be unique to your config).

This will be used by the webhook to take the username from the request and place it in this field.

For this example, we will leave Generate and Force Change to ON.

This way, we don't have to send the password in the request. Instead, LogonBox will create a random password and email the user about this password (and force change on next login).

If you wanted to pass a new password in with the request, you would need to define a password parameter in the initial webhook.

Click Create to finish.

 

Your configuration is now complete.

 

With this Webhook completed, we can now test that the creation process is working.

With the settings we've configured, we need to construct a URL with the details for the user, this will look something like this:

https://logonboxtest.local/app/api/webhooks/publish/change-password?username=jbloggs