Skip to main content

Password Profiles

A password_profile resource represents a specific configuration that allows users to authenticate through username and password.

Password Profiles support One-Time Password Tokens, which can be used to use passwordless login or password reset.

An authentication realm can have multiple Password Profiles. You can use this flexibility in many ways. For instance, if you want to migrate an existing pool of users from another system with their own usernames and passwords, they can use one profile, while the rest of the users use another.

Another use case is enabling shopper impersonation, where shoppers can authenticate using their own username and password in one profile. Meanwhile, admins can have a different username and password for the same user in a separate profile, shown as the "Impersonation Profile". This process can be automated using a Backend-For-Frontend (BFE) or One-Time Password Tokens. In the example shown below, both John and Joan can log in with their credentials, and an admin can also log in as Joan using the "Impersonation Profile".

password profiles

The Password Profile object

AttributeTypeDescription
idstringThe unique identifier for this password profile.
metaobjectAdditional information for this password profile. For more information, see The meta object.
username_formatstringThe username_format of the password profile. You can change the username-format setting. However, the changes apply only to the users created or updated after changing this setting. The new setting does not change the username_format for existing users. The options are:
  • any
  • email
namestringThe name of the password profile.
typestringThe type of object returned. You must use password_profile.
enable_one_time_password_tokenbooleanThis enables one time password token requests and events for authentication. This feature is disabled by default.

Sample Object

{
"data": {
"meta": {
"created_at": "2021-06-03T20:21:04.579Z",
"updated_at": "2021-06-03T20:21:04.579Z"
},
"type": "password_profile",
"id": "cfec5b5b-abc8-4c49-8247-495b511607fc",
"username_format": "email",
"name": "password profile",
"enable_one_time_password_token" : true
},
"links": {
"self": "http://useast.api.elasticpath.com/v2/authentication-realms/c624ab3d-44f0-49cc-bff7-446ff39a24f0/password-profiles/cfec5b5b-abc8-4c49-8247-495b511607fc"
}
}

The meta Object

AttributeTypeDescription
meta.created_atstringThe creation date of this password profile.
meta.updated_atstringThe last updated date of this password profile.