REST API example change password

Hi lowone,

https://cdn.f5.com/websites/devcentral.f5.com/downloads/icontrol-rest-api-user-guide-14-1-0.pdf (page 19)

https://clouddocs.f5.com/training/community/programmability/html/class1/module1/lab3.html#task-3-update-default-user-account-passwords

Something like below should do the trick,

curl -sk -u useraccount -H "Content-Type: application/json" -X PATCH  https://hostname/mgmt/tm/auth/user/useraccount -d '{ "password": "newpassword" }'

Once above is it will prompt for existing password and the change will reflect. The user will have the newpassword set as password.

If you'd need you can send the existing password in the query too.

curl -sk -u useraccount:oldpassword -H "Content-Type: application/json" -X PATCH  https://hostname/mgmt/tm/auth/user/useraccount -d '{ "password": "newpassword" }'

Hope this helps.

Pre-requisite:

1- Admin role user which has authority to change the password

2- user's username of which password will change

3- New password of the user's username

User: test

Admin User: f5osadmin

Python: working on 2.7 and 3

import requests
from requests.auth import HTTPBasicAuth
import json
import urllib3
 
urllib3.disable_warnings()
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)  # suppress SSL error
 
def change_password(b, url, creds):
  payload = { }
  payload['password'] = creds[0]
  #print("Payload: ", payload)
  response1 = b.patch(url, data=json.dumps(payload))
  
  #print(response1.content)
  #print(response1.status_code)
  #print(response1.request.body)
   # Return Boolean 
   if response1 .status_code == int(200):
        pass_bool= True
        return pass_bool
    elif response1 .status_code == int(400) or response1 .status_code == int(401) :
       pass_bool= False
       return pass_bool
 
  
###### TO CHANGE Other non admin user PASSWORD ##################
 
creds=["MyNewPassword123!"]  # user "test" new password 
b = requests.session()
b.auth = ('f5osadmin', 'f5OsaDm1n!')     # F5 admin role user credentials. 
b.verify = False  
b.headers.update({'Content-Type':'application/json'})
if change_password(b, 'https://f5.sik.domain.com/mgmt/tm/auth/user/test', creds):  # user test
  print("password change successful")
else:
  print("password change failed")
 
 
###### END TO CHANGE PASSWORD ##################

Above is basic python code with few verification in print and which can be enhance with try exception

Hope this will help

---
- name: View and Update user
  hosts: f5
  connection: local
  gather_facts: false

  tasks:

  - name: Login via uri Get token
    tags: basic
    ansible.builtin.uri:
      url: 'https://{{ ansible_host }}/mgmt/shared/authn/login'
      return_content: true
      force_basic_auth: true
      method: POST
      body_format: json
      body: "{ \"username\": \"admin\", \"password\": \"S3cretP@55word!\", \"loginProviderName\": \"tmos\"}"
      headers:
        Content-Type: application/json
      validate_certs: false
    register: token

  - name: Show token
    tags: basic
    debug:
      var: token.json.token.token

  - name: View users
    tags: basic
    ansible.builtin.uri:
      url: 'https://{{ ansible_host }}/mgmt/tm/auth/user/cwise'
      headers:
        Content-Type: application/json
        X-F5-Auth-Token: "{{ token.json.token.token }}"
      method: GET
      return_content: true
      validate_certs: false
    register: users

  - name: Show user cwise
    tags: basic
    debug:
      var: users

  - name: Update user passwd
    ansible.builtin.uri:
      url: 'https://{{ ansible_host }}/mgmt/tm/auth/user/cwise'
      headers:
        Content-Type: application/json
        X-F5-Auth-Token: "{{ token.json.token.token }}"
      method: PATCH
      body: "{\"password\": \"n3w5ecret!\"}"
      body_format: json
      validate_certs: false

An Ansible example