Reset Connectivity Management Password:

PUT /session/password/actions/reset

Returns a new, randomly generated password for the current username. The new password is effective immediately. Passwords do not expire, but Verizon recommends changing your password every 90 days.


Managing Passwords

There are three popular strategies for managing Connectivity Management API log in credentials (also known as UWS credentials):

One username for all API requests The simplest method for managing API log in credentials is to only have one username and password, and use those credentials for all API requests.

One username for each department or group If your organization has multiple departments or groups that work with M2M devices and things, you may want to have a separate username and password for each group. For example, if one group is responsible for all new activations and another group is responsible for changes to existing lines, having separate credentials allows you to know which group made each change in the provisioning history of a device. It may be easier to track this information in your own application, though. Note that access to API resources is not restricted by username, but you can write your application to restrict access to only certain operations.

One Wireless Network Services username; separate application user accounts For organizations that require the highest level of access control and accountability, the ThingSpace M2M provisioning application that you develop should have its own set of user accounts, possibly tied in with corporate accounts. Your application can track which users make provisioning changes, and use a single username for all Connectivity Management API requests. Note that access to API resources is not restricted by username, but you can write your application to restrict access for different users.

The ThingSpace Platform locks a username after 5 consecutive failed log in attempts. You must contact M2M Support to get the username unlocked.

Request Components

HTTP Request


Query Parameters


Header Parameters

The request header must contain a current ThingSpace authorization bearer token and a valid VZ-M2M session token, and must set the content-type to JSON.


Parameter Name Data Type Description
string HTTP Authorization bearer token.
string A valid session token returned by POST /session/login.
string Must be application/json.

Request Body

Parameter Name Data Type Description
string The current password for the username

Example Request Body

  "oldPassword": "grflbk"

Success Responses

Status 200

Parameter Name Data Type Description
newPassword string The new password for the username.

Example Success Response

  "newPassword": "Wh0a1545a84d"

Failure Responses

Status 400

All error messages are returned in this format:

  "errorCode": "error code string",
  "errorMessage": "error message string"

Error codes and messages are listed on the Error Messages page, along with explanations and suggestions for corrective actions.

Try It Out!