Password Verification¶
When a user needs to change their password in your application, you may need to verify their existing password for security reasons. Since Backendless stores passwords in the encrypted format and never returns the password value, you need to use the API call documented below to implement password verification. This functionality is available only in Cloud Code/Business Logic. The API checks the provided password value against the one stored in the database. User must be logged - Backendless verifies provided value for the currently logged in user.
It is important the REST API is used with the Cloud Code API key.
Method¶
POST
Endpoint URL¶
https://api.backendless.com/application-id/CLOUDCODE-api-key/users/verifypassword
where:
| Argument | Description |
|---|---|
application-id |
The ID of your application. You can obtain the value in the Manage > App Settings section of the Backendless Console. |
CLOUDCODE-api-key |
CloudCode API key of your application. You can obtain the value in the Manage > App Settings section of the Backendless Console. |
Request Headers¶
user-token: value-of-the-user-token-header-from-login
Content-Type:application/json
where
| Argument | Description |
|---|---|
user-token |
A value returned by Backendless in the response for the preceding Login operation. The value identifies the user to be logged out. This header is mandatory. |
Content-Type |
Must be set to application/json. This header is mandatory. |
Request Body¶
{
"password" : "password value to verify"
}
Response Body¶
true is the password is correct, otherwise false.
Codeless Reference¶
The block is available under BACKENDLESS > Users API:
