Start a new topic

Modifying a user changes the authtoken using REST API

Was just tearing my hair out over this... apparently when I have the user change their User record, the authtoken changes and I'm no longer able to authenticate them unless they log in all over again. This doesn't seem to be documented in the REST API under "User -> UPDATE", which would seem to be an oversight. Specifically, I was updating the user's 'email' property.
1 Comment

Hi Mike,

Updating certain properties does change the authtoken. It's best practice that when the active user is updated to always look for a _kmd.authtoken, and if one is there, use the newer credential. We will review the documentation and make this clearer. Thanks.
Login or Signup to post a comment