cancel
Showing results for 
Search instead for 
Did you mean: 

Password Hashing : Using ImportFullAccount API In Error

Rvanjari
Explorer
0 Kudos

Dear All,

I am working on migrating user from 3rd Party to SAP CDC , using a accounts.importFullAccount REST. I am trying to import /Update the Passwords details for an existing user below are the password details i am trying to import using below API call.

https://accounts.aaa.gigya.com/accounts.importFullAccount?userKey=aaa&secret=aaa&uid=aaa&password={"... {"algorithm": "sha512", "salt":"test","rounds":10000,"format":"$password$salt"}}&isRegistered=true,apiKey=aaa&loginIDs={ "emails":[aa.aaa@aa]}&importPolicy=upsert

with above details the password is not getting updated and I am getting error as below :

{"errorCode": 400006,

"errorDetails": "Invalid parameter value",

"errorMessage": "Invalid parameter value",

"apiVersion": 2,

"statusCode": 400,

"statusReason": "Bad Request"}

so where does it goes wrong ? is the parameters passed correctly to update the password?

Many Thanks,

Ruchita

Accepted Solutions (0)

Answers (3)

Answers (3)

jelenavuleta
Member
0 Kudos

Hi Oleh,

Isn't md5 hashed value of "test1234": d0ef2e2ff3a41b3f8e6d9b99e5a2d23f

I have currently the problem with setting up password setting.

I am using DataFlow importaccount component to importaccount and md5 hash to generate password from clear text:

"password":{"hashedPassword":"d0ef2e2ff3a41b3f8e6d9b99e5a2d23f","hashSettings":{"algorithm":"md5"}}

This is generated for password: "test1234".

What am I missing in hash creation?

olehi941
Active Participant
0 Kudos

Hi Ruchita,

Looks like the issue exists on your end with hash algorithm configurations, because if you put valid values - you are able to be logged in.

To check yourself and confirm that CDC works fine with supported hash algorithms, please use the following values in APIs:
- accounts.importFullAccount -> password ->
{ "hashedPassword":"Ftek/KdELdo62TyacmWX5A==","hashSettings":{ "algorithm":"md5" }}
- accounts.login
-> password -> test1234

Kunal_Bansal
Active Contributor
0 Kudos

Hi Ruchita,

I see the example and note that your Password should be hashed in BASE64 format and the rounds might be 20000.

Please try with above recommendation and also follow the documentation - accounts.importFullAccount REST.

Best Regards,

Kunal Bansal, SAP CX Architect

Rvanjari
Explorer
0 Kudos

Hi Kunal,

Thanks for your response, I tried , it does not work and even followed the document.

do you have any sample which you used?

I am referring to sha512 algorithm.

Many Thanks,

Ruchita