Generate OTP
This API allows an admin to generate a One-Time Password (OTP) for user accounts with userNameType set as partner-upn. The OTP is used by users to log in to any Webex application, whereupon they are asked to change their password.
The OTP generated by this API has a default length of 6 digits and expires in 7 days.
Several OTPs can be active for the same user. When the user successfully uses an OTP, all other OTPs are automatically revoked.
The creation of OTPs is logged in the Admin Audit Events.
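Because several OTPs can be valid at once for up to 7 days, the audit trail is the place to watch for accounts that accumulate unexpired OTPs. The following Python is an added example, not part of the Webex documentation: the event field names (actor, target_user, created) and the sample events are constructed, since this page does not give the Admin Audit Events schema.

```python
from collections import defaultdict
from datetime import datetime, timedelta

OTP_LIFETIME = timedelta(days=7)  # default expiry stated on this page

# Constructed sample events. Field names are hypothetical; map them from
# your own Admin Audit Events export.
SAMPLE_EVENTS = [
    {"actor": "admin-a", "target_user": "user-1", "created": "2024-05-01T09:00:00Z"},
    {"actor": "admin-a", "target_user": "user-1", "created": "2024-05-03T10:00:00Z"},
    {"actor": "admin-b", "target_user": "user-1", "created": "2024-05-06T11:00:00Z"},
    {"actor": "admin-a", "target_user": "user-2", "created": "2024-05-01T09:00:00Z"},
    {"actor": "admin-a", "target_user": "user-2", "created": "2024-05-09T09:00:00Z"},
]


def _ts(value):
    """Parse an ISO 8601 UTC timestamp such as 2024-05-01T09:00:00Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def overlapping_otps(events, max_active=1, lifetime=OTP_LIFETIME):
    """Return {user: {"peak": n, "actors": [...]}} for users whose count of
    simultaneously unexpired OTPs exceeds max_active.

    The count is an upper bound: a successful login revokes the other OTPs,
    and creation events alone do not show that.
    """
    by_user = defaultdict(list)
    for ev in events:
        by_user[ev["target_user"]].append((_ts(ev["created"]), ev["actor"]))

    findings = {}
    for user, items in by_user.items():
        items.sort()
        peak, peak_actors, start = 0, set(), 0
        for end, (created, _) in enumerate(items):
            # Drop OTPs that had already expired when this one was created.
            while items[start][0] + lifetime <= created:
                start += 1
            active = items[start:end + 1]
            if len(active) > peak:
                peak, peak_actors = len(active), {a for _, a in active}
        if peak > max_active:
            findings[user] = {"peak": peak, "actors": sorted(peak_actors)}
    return findings
```
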
Possible Error:
- 403: The request was forbidden. OTP generation is restricted to users with a userNameType of partner-upn. This error occurs if the user does not meet the required criteria for OTP generation.
Authorization:
An OAuth token issued by the Identity Broker is required to access this endpoint. The token must include one of the following scopes:
Identity:one_time_password or Identity:Config
Administrator Roles:
The following administrators have permission to use this API:
- Org Full Admin: Can generate OTPs for non-email-type users in their organization.
- Partner Full Admin: Can generate OTPs for User/Machine Accounts in Customer Orgs.
- Org User Admin: Can generate OTPs for User/Machine Accounts within their organization.
URI Parameters
The Webex Identity-assigned organization identifier for a user's organization.
The Common Identity-assigned user identifier for an existing user (entryUUID).
Response Properties
The One-Time Password generated for the user.
The expiration time for the OTP in seconds (default: 7 days).
Response Codes
The list below describes the common success and error responses you should expect from the API:
Code | Status | Description |
---|---|---|
200 | OK | Successful request with body content. |
201 | Created | The request has succeeded and has led to the creation of a resource. |
202 | Accepted | The request has been accepted for processing. |
204 | No Content | Successful request without body content. |
400 | Bad Request | The request was invalid or cannot be otherwise served. An accompanying error message will explain further. |
401 | Unauthorized | Authentication credentials were missing or incorrect. |
403 | Forbidden | The request is understood, but it has been refused or access is not allowed. |
404 | Not Found | The URI requested is invalid or the resource requested, such as a user, does not exist. Also returned when the requested format is not supported by the requested method. |
405 | Method Not Allowed | The request was made to a resource using an HTTP request method that is not supported. |
409 | Conflict | The request could not be processed because it conflicts with some established rule of the system. For example, a person may not be added to a room more than once. |
410 | Gone | The requested resource is no longer available. |
415 | Unsupported Media Type | The request was made to a resource without specifying a media type or used a media type that is not supported. |
423 | Locked | The requested resource is temporarily unavailable. A Retry-After header may be present that specifies how many seconds you need to wait before attempting the request again. |
428 | Precondition Required | File(s) cannot be scanned for malware and need to be force downloaded. |
429 | Too Many Requests | Too many requests have been sent in a given amount of time and the request has been rate limited. A Retry-After header should be present that specifies how many seconds you need to wait before a successful request can be made. |
500 | Internal Server Error | Something went wrong on the server. If the issue persists, feel free to contact the Webex Developer Support team. |
502 | Bad Gateway | The server received an invalid response from an upstream server while processing the request. Try again later. |
503 | Service Unavailable | Server is overloaded with requests. Try again later. |
504 | Gateway Timeout | An upstream server failed to respond on time. If your query uses the max parameter, please try to reduce it. |