Neo4j 4.1.1 change password using Rest API

Hello,

i'm trying to use this API to reset password of a user on Neo4j 4.1.1 but i receive 404:

curl -v -H "Content-Type: application/json" -X POST -d '{"password":"Accenture.1"}' -u neo4j:neo4j http://localhost:7474/user/neo4j/password

  • About to connect() to localhost port 7474 (#0)
  • Trying 127.0.0.1...
  • Connected to localhost (127.0.0.1) port 7474 (#0)
  • Server auth using Basic with user 'neo4j'

POST /user/neo4j HTTP/1.1
Authorization: Basic bmVvNGo6bmVvNGo=
User-Agent: curl/7.29.0
Host: localhost:7474
Accept: /
Content-Type: application/json
Content-Length: 26

  • upload completely sent off: 26 out of 26 bytes
    < HTTP/1.1 404 Not Found
    < Access-Control-Allow-Origin: *
    < Cache-Control: must-revalidate,no-cache,no-store
    < Content-Type: text/html;charset=iso-8859-1
    < Content-Length: 0
    <

Can anyone help me?

Thanks,

Alessio

that is the expected behavior as /user/neo4j/password is to address 'native' users which were recorded in data/dbms/auth whereas for 4.0.x forward usernames/passwords are now recorded in the system database. Please use built-in stored procedure dbms.security.changePassword() and as descrbed at Procedures - Operations Manual

You could still utilize REST to call this, i.e. have REST call a Cypher statement

Thanks Dana,

Can you give me an example of Rest call a cypher statement?

I need to change the intial neo4j password using a rest client.

Thanks a lot!

Alessio

this is described in the documentation at https://neo4j.com/docs/http-api/4.1/actions/#http-api-actions

and Run queries inside a transaction - HTTP API which states sending a body similar to

{
  "statements" : [ {
    "statement" : "CREATE (n) RETURN n"
  } ]
}

to which you would replace CREATE (n) RETURN N; with call dbms.security.changePassword('football'); for example which would set the password to football

Thanks Dana!

I have tried with this curl:

curl -v -H "Content-Type: application/json" -X POST -d '{ "statements" : [ { "statement" : "call dbms.security.changePassword('test.1'); " } ]}' -u neo4j:neo4j http://localhost:7474/db/neo4j/tx

and i recieved this response:

{"results":,"errors":[{"code":"Neo.ClientError.Security.CredentialsExpired","message":"Permission denied.\n\nThe credentials you provided were valid, but must be changed before you can use this instance. If this is the first time you are using Neo4j, this is to ensure you are not using the default credentials in production. If you are not using default credentials, you are getting this message because an administrator requires a password change.\nChanging your password is easy to do via the Neo4j Browser.\nIf you are connecting via a shell or programmatically via a driver, just issue a ALTER CURRENT USER SET PASSWORD FROM 'current password' TO 'new password' statement against the system database in the current session, and then restart your driver with the new password configured."}],"commit":"http://localhost:7474/db/neo4j/tx/1/commit"}

So i try to launch this one:

curl -v -H "Content-Type: application/json" -X POST -d '{ "statements" : [ { "statement" : "ALTER CURRENT USER SET PASSWORD FROM 'neo4j' TO 'test.1'" } ]}' -u neo4j:neo4j http://localhost:7474/db/neo4j/tx

But i have recieved the same response.

Is there any curl to do the initial reset of default neo4j password?

Thanks a lot!

Alessio

????

So this is simply to reset the default password for the neo4j user and before startup? is that correct?
if so we would recommend bin/neo4j-admin set-initial-password

Thanks a lot!!
This solution is ok for me