Dev GuideAPI ReferenceUser Guide
Dev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunityDoc feedbackLog In
GitHubNuGetDev CommunityDoc feedback

Code Sample


The example below is a handler that password data from a user resetting his or her current password to a new password. A reset token is expected, which is appended to the password reset URL previously generated using the IAuthenticationService.GeneratePasswordResetUrl method.
**Example**
  • True the supplied reset token is valid.
**Returns**
  • **userName** – The username to use when validating the reset token.
  • **resetToken** – The reset token to validate.
**Parameters**

Indicates whether or not the supplied reset token is valid.
## VerifyPasswordResetTokenForUser(string, string)
  • True if the credentials are valid.
**Returns**
  • **userName** – The username to validate.
  • **password** – The password to validate.
**Parameters**

Validates the specified user credentials.
## ValidateUser(string, string)
  • True if the username is already being used by an existing user.
**Returns**
  • **userName** – The username to check against existing users.
**Parameters**

Checks if a username is already being used by an existing user.
## UserNameAlreadyExists(string)
  • An empty string if the update was successful. Otherwise, it returns   a comma-delimited string of error messages that resulted from the   update.
**Returns**
  • **userName** – The username of the user for which the email address   should be updated.
  • **email** – The new email address for the user.
**Parameters**

Updates the email address for the user.
## UpdateUser(string, string)
  • **userName** – The username of the user for which the account should   be unlocked.
**Parameters**

Unlocks the account for the user. The account should be locked out in order for this to work.
## UnlockUser(string)
void SignOut()
Ends the currently authenticated user's session.
## SignOut()
  • **userName** – The username of the user to authenticate.
**Parameters**

Authenticates the specified user. This is used during impersonation, access token validation, and punchout session initialization.
## SetUserAsAuthenticated(string)
  • True if the role exists in the application.
**Returns**
  • **roleName** – The name of the role to check for existence.
**Parameters**

Indicates whether or not the role exists in the application.
## RoleExists(string)
  • True if the password change was successful.
**Returns**
  • **userName** – The username of the user for which the password   should be changed.
  • **newPassword** – The new password to use for the user's account.
  • **resetToken** – The reset token generated previously for the user   to change his or her password.
**Parameters**

Changes the password for a user, assuming the reset token is valid.
## ResetPasswordForUser(string, string, string)
  • The new password for the user's account.
**Returns**
  • **userName** – The username of the user for which the password   should be reset.
**Parameters**

Resets the current user's password to a randomly-generated, valid password.
## ResetPassword(string)
  • True if email addresses must be unique among all users.
**Returns**

In regards to account creation, indicates whether or not email addresses must be unique among all users.
## RequiresUniqueEmail()
  • True if a security question and answer are required.
**Returns**

In regards to account creation, indicates whether or not a security question and answer are required.
## RequiresQuestionAndAnswer()
An empty string if the unassignment was successful. Otherwise, it returns a comma-delimited string of error messages that resulted from the unassignment.
**Returns**
  • **userName** – The username of the user for which to unassign the   role.
  • **roleName** – The name of the role to unassign from the user.
**Parameters**

Unassigns the role from the user.
## RemoveUserFromRole(string, string)
  • The minimum number of uppercase characters required for a valid   password.
**Returns**

In regards to password complexity, returns the minimum number of uppercase characters required for a valid password.
## MinRequiredUppercaseCharacters()
  • The minimum length required for a valid password.
**Returns**

In regards to password complexity, returns the minimum length (total number of characters) required for a valid password.
## MinRequiredPasswordLength()
  • The minimum number of non-alphanumeric characters required for a   valid password.
**Returns**

In regards to password complexity, returns the minimum number of non-alphanumeric characters required for a valid password.
## MinRequiredNonAlphanumericCharacters()
  • The minimum number of lowercase characters required for a valid   password.
**Returns**

In regards to password complexity, returns the minimum number of lowercase characters required for a valid password.
## MinRequiredLowercaseCharacters()
  • The minimum number of digits required for a valid password.
**Returns**

In regards to password complexity, returns the minimum number of digits required for a valid password.
## MinRequiredDigits()
  • **userName** – The username of the user to lock out.
**Parameters**

Locks a user out of the application. For Admin Console users, this will apply to the Admin Console. For Storefront users, this will apply to the Storefront.
## LockUserOut(string)
  • True if the password meets the complexity requirements.
**Returns**
  • **password** – The password to check for validity.
**Parameters**

Check a password to see if it meets complexity requirements.
## IsValidPassword(string)
  • True if the role is assigned to the user.
**Returns**
  • **userName** – The username of the user for which to check for the   role assignment.
  • **roleName** – The name of the role to check for the role   assignment.
**Parameters**

Indicates whether or not the role is assigned to the user.
## IsUserInRole(string, string)
  • True if the current user is locked out of the application.
**Returns**
  • **userName** – The username of the user for which to check the   locked out status.
**Parameters**

Returns whether or not the current user is locked out of the application. This can check the status of both Admin Console and Storefront users.
## IsLockedOut(string)
  • True if the current user is currently authenticated.
**Returns**

Returns whether or not the current user is currently authenticated.
## IsAuthenticated()
  • The roles assigned to a user.
**Returns**
  • **userName** – The username of the user for which to return assigned   roles.
**Parameters**

Gets the roles assigned to a user.
## GetRolesForUser(string)
  • All users who have any of the specified roles assigned.
**Returns**
  • **roles** – The collection of rolenames to use when searching for   users.
**Parameters**

Returns all users who have any of the specified roles assigned.
## GetAllUsersWithRoles(IEnumerable\<string>)
Collection of available roles.
**Returns**

Returns all the roles available in the application.
## GetAllRoles()
  • A password reset URL that includes a reset token.
**Returns**
  • **userName** – The user name of the user for which to generate a   password reset URL.
  • **isReset** – True if the URL is for a password reset operation,   otherwise for an account activation operation.
**Parameters**

Generates a password reset URL for the specified user. The user can use the URL to reset his or her account password.
## GeneratePasswordResetUrl(string, bool)
  • A valid password.
**Returns**

Generates a valid password based on password complexity requirements.
## GeneratePassword()
  • True if the email address is already being used.
**Returns**
  • **email** – The email address to check against existing users.
**Parameters**

Checks if an email address is already being used by an existing user.
## EmailAlreadyExists(string)
  • An empty string if the delete was successful. Otherwise, it returns   a comma-delimited string of error messages that resulted from the   delete.
**Returns**
  • **userName** – The username of the user to delete.
**Parameters**

Deletes the specified user.
## DeleteUser(string)
  • An empty string if the delete was successful. Otherwise, it returns   a comma-delimited string of error messages that resulted from the   delete.
**Returns**
  • **roleName** – The name of the role to delete.
**Parameters**

Deletes the specified role.
## DeleteRole(string)
  • An empty string if the operation was successful. Otherwise, it   returns a comma-delimited string of error messages that resulted   from the operation.
**Returns**
  • **userName** – The username to use when creating the user.
  • **email** – The email address to use when creating the user.
  • **password** – The password to be used for the user's account.
**Parameters**

Creates a new user using the specified password.
## CreateUser(string, string, string)
  • An empty string if the operation was successful. Otherwise, it   returns a comma-delimited string of error messages that resulted   from the operation.
**Returns**
  • **userName** – The username to use when creating the user.
  • **email** – The email address to use when creating the user.
**Parameters**

Creates a new user without a password.
## CreateUser(string, string)
  • An empty string if the assignment was successful. Otherwise, it   returns a comma-delimited string of error messages that resulted   from the operation.
**Returns**
  • **roleName** – The name of the role to create.
**Parameters**

Creates a new role with the specified role name.
## CreateRole(string)
  • True if the change was successful.
**Returns**
  • **userName** – The username of the user whose password should be   changed.
  • **oldPassword** – The user's current password.
  • **newPassword** – The new password to be used for the user's   account.
**Parameters**

Changes the password for the specified user.
## ChangePassword(string, string, string)
  • True if usernames are only allowed to contain alphanumeric   characters.
**Returns**

Indicates whether or not usernames for users are only allowed to contain alphanumeric characters.
## AllowOnlyAlphanumericUserNames()
  • An empty string if the assignment was successful. Otherwise, it   returns a comma-delimited string of error messages that resulted   from the assignment.
**Returns**
  • **userName** – The username of the user who should be assigned the   role.
  • **roleName** – The name of the role to assign to the user.
**Parameters**

Assigns a role to a user.
## AddUserToRole(string, string)
## Methods

Gets the identity for the currently authenticated user.
### Identity
## Properties
The Authentication abstraction layer.
## Description