I want to create a User or change the password from a User with the API. We are using a custom front-end where we use data from SuiteCRM. So SuiteCRM is a backend for some users. We can get everything with te API, but now I want to give users the possibility to change their password in the front-end. They can change all of their account data, but their passwords need an encryption.
The API endpoint I use to change User-data is a PATCH-method with the url: {basicUrl}/Api/V8/module and with a body:
I am using an JavaScript platform (Vue.js). So it’s possible to send a plain text as “user_hash”, but the API endpoint doesn’t convert it to any hashed password. I already noticed that the application first encrypt the password with md5 and next the md5-password will be encrypted by BCrypt.
I’m thinking it’s better to create a new attribute, like “password”, and send it as attribute in my body to the API endpoint. Then I have to change the endpoint and use the function to encrypt the password. I think this will be better then encrypt the password in my JavaScript application.