Skip to content

Commit 82141a9

Browse files
authored
Merge pull request DSpace#346 from saschaszott/saschaszott-patch-6
epersonregistrations.md: clarify eperson registration / password reset POST endpoint description
2 parents 2eb8a13 + bdd26fb commit 82141a9

1 file changed

Lines changed: 8 additions & 8 deletions

File tree

epersonregistrations.md

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -177,33 +177,33 @@ Status codes:
177177
* 422 Unprocessable Entity - if the email address was omitted or the operation is not valid
178178

179179
## Create new EPerson registration
180+
180181
**POST /api/eperson/registrations?accountRequestType={requestType_forgot_or_register}**
181182

182-
To create a new EPerson registration, perform a post with the JSON below to the eperson registrations endpoint (without being authenticated).
183+
To create a new EPerson registration, perform a POST with the JSON payload below to the eperson registrations endpoint (without being authenticated).
183184

184185
```json
185186
{
186-
"email": "user@institution.edu",
187-
"type": "registration"
187+
"email": "user@institution.edu"
188188
}
189189
```
190190

191-
Requires query parameter 'accountRequestType' set with either 'register' or 'forgot' value, depending on the action requested.
191+
Requires query parameter `accountRequestType` set with value either `register` or `forgot`, depending on the action requested.
192192

193193
No other properties can be set (e.g. the name cannot be defined)
194-
If successful, an email will be sent with a token allowing the user to continue the registration
195194

196-
Verifying whether a new registration can be created can happen using the "epersonRegistration" [feature](features.md), verified against the site
195+
If successful, an email will be sent with a token allowing the user to continue the registration.
196+
197+
Verifying whether a new registration can be created can happen using the "epersonRegistration" [feature](features.md), verified against the site.
197198

198199
Status codes:
199200
* 201 Created - if the operation succeed
200201
* 400 Bad Request - if e.g. the query param 'accountRequestType' is not present or contains something else than forgot or register
201202
* 401 Unauthorized - if registration is disabled, you are not authorized to create a new registration
202203
* 422 Unprocessable Entity - if the email address was omitted or the e-mail address is in a domain that is not allowed in config `authentication-password.domain.valid`
203204

204-
205205
## Forgot password
206206

207-
The same endpoint as [Create new EPerson registration](#create-new-eperson-registration) is used.
207+
The same endpoint as [Create new EPerson registration](#create-new-eperson-registration) is used (set query parameter `accountRequestType` to `forgot`).
208208

209209
Using the same endpoint ensures it's not possible for a malicious user to identify which email addresses are registered by attempting a registration and verifying whether the account exists

0 commit comments

Comments
 (0)