Hi
It seems to me there are two possibilities to change a password:
Either 1)
void changePassword(
String sessionId,
String currentPassword,
String newPassword)
or 2)
sendNewPassword(
String emailAddr,
String subject,
String countryCode)
The problem with 1) is that one has to know the current plain text password, hence cannot be used for "password forgot"
and 2) has the problem that KonaKart is creating/sending a new password directly to the user, whereas we would
like to send only a link with a hashed URL (contained within the email) to the user, which then the user has to click on
and can create his/her new password by her/himself, but this would requires an API method like
void changePassword(
String sessionId,
String newPassword)
or is there any other possibility?
Thanks
Michael
... of course the SOAP API should be protected, such that only the Content Management System or whatever third-party application is able to use this SOAP API. Is this possible somehow, e.g. IP based?
As an alternative solution one could generate a hash together with the new password which Konakart sends and then use again
void changePassword(
String sessionId,
String currentPassword,
String newPassword)
Thanks
Michael