You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To create a new EPerson registration, perform a post with the JSON below to the eperson registrations endpoint (without being authenticated).
183
+
To create a new EPerson registration, perform a POST with the JSON payload below to the eperson registrations endpoint (without being authenticated).
183
184
184
185
```json
185
186
{
186
-
"email": "user@institution.edu",
187
-
"type": "registration"
187
+
"email": "user@institution.edu"
188
188
}
189
189
```
190
190
191
-
Requires query parameter 'accountRequestType' set with either 'register' or 'forgot' value, depending on the action requested.
191
+
Requires query parameter `accountRequestType` set with value either `register` or `forgot`, depending on the action requested.
192
192
193
193
No other properties can be set (e.g. the name cannot be defined)
194
-
If successful, an email will be sent with a token allowing the user to continue the registration
195
194
196
-
Verifying whether a new registration can be created can happen using the "epersonRegistration" [feature](features.md), verified against the site
195
+
If successful, an email will be sent with a token allowing the user to continue the registration.
196
+
197
+
Verifying whether a new registration can be created can happen using the "epersonRegistration" [feature](features.md), verified against the site.
197
198
198
199
Status codes:
199
200
* 201 Created - if the operation succeed
200
201
* 400 Bad Request - if e.g. the query param 'accountRequestType' is not present or contains something else than forgot or register
201
202
* 401 Unauthorized - if registration is disabled, you are not authorized to create a new registration
202
203
* 422 Unprocessable Entity - if the email address was omitted or the e-mail address is in a domain that is not allowed in config `authentication-password.domain.valid`
203
204
204
-
205
205
## Forgot password
206
206
207
-
The same endpoint as [Create new EPerson registration](#create-new-eperson-registration) is used.
207
+
The same endpoint as [Create new EPerson registration](#create-new-eperson-registration) is used (set query parameter `accountRequestType` to `forgot`).
208
208
209
209
Using the same endpoint ensures it's not possible for a malicious user to identify which email addresses are registered by attempting a registration and verifying whether the account exists
0 commit comments