Identity Service v2 (Change Password)

API Reference
Postman Collection

Getting Started

About the API

The identityService API allows Participant Users to reset their password for a specific Participant ID account. Passwords expire every 90 days but you can reset your password any time, even after the expiry date.

Note: You can only use the API to reset your password if your Participant User account is active and not locked due to multiple incorrect password attempts. Your account is locked after six incorrect password attempts.

Getting Access

Participants will require a SSL certificate and URM account with correct user access.


Q: What are the Password Requirements?

Passwords rules are as follows:

  • Are case sensitive.

  • Must be minimum eight characters long.

  • Must contain at least one character from at least three of the following four character sets:

    • English upper case letters e.g. A, B, C, ... Z

    • English lower case letters e.g. a, b, c, ... z

    • Numerals e.g. 0, 1, 2, ... 9

    • Non-alphanumeric ("special characters") such as punctuation symbols e.g. - + !

  • Do not include a space, a comma, or any of the following special characters , , &.

  • Expire every 90 days (equals one cycle) but you can it before the 90-day password expiry.

  • Cannot be reused in the next 12 cycles.

  • Cannot use your Participant User ID or the word “password”.

External Docs

Below are a list of external links for additional context to the API or Program:

API Details

Authentication Methods

This API is using the following Security Policies:


Below are the base URLs used for this API:


Base URL

Data Type

Pre-Production Internet Entry

Test Data

Pre-Production MarketNet Entry

Test Data

Production Internet Entry

Live Data

Production MarketNet Entry

Live Data


Paths, Headers, Request Body and Responses can be found in the API Reference (OpenAPI Spec).