# Create a password Create a new password for the user identified by the user_id path parameter. Endpoint: POST /passwords/{user_id}/create Version: 3.63.5 Security: api-key ## Path parameters: - `user_id` (string, required) The unique identifier for the user. ## Request fields (application/json): - `password` (object, required) The user's password or passcode used to log in a user. Passwords must be: - minimum 8 characters for end-users (Consumers and Corporates); 12 characters for others - maximum 30 characters - include a lowercase character - include an uppercase character - include a digit and a special character - different from any of the 5 last such passwords used. For non-PCI compliant integrations, the password submitted must be tokenised. - `password.value` (string, required) ## Response 200 fields (application/json): - `passwordInfo` (object) Additional information related to the user's password. - `passwordInfo.identityId` (object, required) The identity to which the user's password information belongs to. - `passwordInfo.identityId.type` (string, required) Indicates the identity type. Enum: "CONSUMER", "CORPORATE" - `passwordInfo.identityId.id` (string, required) The identifier for the identity. - `passwordInfo.expiryDate` (integer) The millisecond timestamp indicating when the password will expire. If 0, then this password will not expire. - `token` (string) The authorisation token to be used in the Authorization header for secured operations. ## Response 400 fields (application/json): - `message` (string) When present helps to identify and fix the problem. - `syntaxErrors` (object) Is returned as part of an HTTP error response whenever a syntax error is detected. A list of the fields together with their syntax error will be provided. - `syntaxErrors.invalidFields` (array) - `syntaxErrors.invalidFields.params` (array) - `syntaxErrors.invalidFields.fieldName` (string) - `syntaxErrors.invalidFields.error` (string) Enum: "REQUIRED", "HAS_TEXT", "REQUIRES", "SIZE", "RANGE", "IN", "NOT_IN", "REGEX", "EXACTLY", "AT_LEAST", "AT_MOST", "ALL_OR_NONE" ## Response 404 fields (application/json): - `errorCode` (string) Enum: "TOKEN_EXPIRED", "TOKEN_NOT_FOUND" ## Response 409 fields (application/json): - `errorCode` (string) Enum: "UNRESOLVED_IDENTITY", "PASSWORD_PROFILE_NOT_CONFIGURED_FOR_CREDENTIAL_TYPE", "PASSWORD_TOO_SHORT", "PASSWORD_TOO_LONG", "PASSWORD_TOO_SIMPLE", "PASSWORD_KEY_ALREADY_IN_USE", "PASSWORD_ALREADY_CREATED" ## Response 410 fields (application/json): - `errorCode` (string) Enum: "TOKEN_EXPIRED", "TOKEN_NOT_FOUND" ## Response default fields (application/json): - `code` (string) - `message` (string) ## Response 401 fields ## Response 403 fields ## Response 429 fields ## Response 500 fields ## Response 503 fields