I'm writing a script to create users, add them to a group and then send a password reset email from Crowd.
I'm using application credentials to handle this and I can create the user and add them to a group fine, but when I try and request the password reset using
curl -k -D- -u "applicationname:apppassword" -X POST https://mycrowdserver/crowd/rest/usermanagement/1/user/mail/password?username=usertoreset
I get
HTTP/1.1 403 Forbidden
and
XSRF check failed
The documentation suggests "the application is not allowed to update the user's password" but I can't see how I would enable it anywhere in Crowd if it is even disabled.
I can't find a solution to this after a lot of searching, can anyone help please?
Fixed it by adding the following to my request
-H "X-Atlassian-Token:nocheck"
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.