<@U04UQ68083H> how do I reset a user’s password fr...
# ory-copilot
h
@chilly-king-10285 how do I reset a user’s password from the admin API side?
b
A message from kapa.ai
To reset a user's password from the admin API side in Ory, you can use the account recovery flow. Here's a step-by-step process:

1. Initiate an administrative account recovery for the user: Use the Admin API to create a recovery code for the specific user. You'll need to send a POST request to the `/admin/recovery/code` endpoint with the user's identity ID.

```bash
curl --request POST -sL \
  --header "Authorization: Bearer ORY_API_KEY" \
  --header "Content-Type: application/json" \
  --data '{
  "expires_in": "12h",
  "identity_id": "e01b5f2f-6afc-4194-8578-4cebcf69a4d5"
}' https://$PROJECT_SLUG.projects.oryapis.com/admin/recovery/code
```

[Administrative account recovery](https://www.ory.sh/docs/kratos/manage-identities/account-recovery)

2. The API will respond with a recovery link and code:

```json
{
  "recovery_link": "/ui/recovery?flow=79686c66-e427-4c1b-861e-083572f97964",
  "recovery_code": "76453943",
  "expires_at": "2022-10-25T03:09:37.60684766Z"
}
```

3. Send the recovery link and code to the user: You'll need to implement a way to securely communicate this information to the user, typically via email or another secure channel.

4. User completes the recovery process: The user must access the recovery link and enter the recovery code in the form available at that link. After successfully recovering their account, they can create a new password. [Account Recovery Documentation](https://www.ory.sh/docs/kratos/self-service/flows/account-recovery-password-reset)

It's important to note that this process doesn't directly reset the password from the admin side. Instead, it initiates a secure flow that allows the user to reset their own password. This approach maintains security by ensuring that even administrators don't have direct access to user passwords.

Remember to use API Keys for authorization when making these admin API calls. You can learn more about API Keys in the Ory Network from the [Authorization with API Keys documentation](https://www.ory.sh/docs/concepts/personal-access-token).
h
@chilly-king-10285 But this requires a user’s involvement. Suppose their account is compromised, and we have to reset the password now without waiting for any action from the user’s side. Is this possible?
b
A message from kapa.ai
New message text here
h
@chilly-king-10285 it does not work. This is the response I get
```json
{
  "error": {
    "code": 400,
    "status": "Bad Request",
    "request": "59069cd6-c4b4-9113-acce-557c432cd81e",
    "reason": "You cannot remove first factor credentials.",
    "message": "The request was malformed or contained invalid parameters"
  }
}
```
b
A message from kapa.ai
I apologize for the confusion in my previous response. You're right, and thank you for providing the error message. Let me explain why this is happening and what alternatives are available.

The error message you received indicates that you cannot remove the primary (first factor) credentials for an identity. This is a security measure implemented by Ory to prevent accounts from becoming inaccessible. According to the [Ory API Reference](https://www.ory.sh/docs/reference/api#tag/identity/operation/deleteIdentityCredentials), you cannot delete password or code auth credentials through this API. The documentation states: "You cannot delete password or code auth credentials through this API." This limitation is in place to ensure that there's always a way for users to authenticate themselves.

Given this constraint, there isn't a direct way to reset a user's password immediately without their involvement using the Admin API. The account recovery flow I mentioned earlier remains the recommended approach for resetting passwords, even in cases of compromised accounts. However, if immediate action is required due to a security concern, you have a few options:

1. Disable the account: You can change the user's status to "inactive" using the [Update Identity API](https://www.ory.sh/docs/reference/api#tag/identity/operation/updateIdentity). This will prevent login attempts while you work on resolving the issue.
2. Use a custom attribute: You could add a custom attribute to the user's identity (like "force_password_reset: true") and implement logic in your application to require a password reset on the next login attempt.
3. Contact Ory support: If you're using Ory Network and have a critical security situation, you might want to reach out to Ory support for guidance on handling compromised accounts.

Remember, these approaches don't directly reset the password but provide ways to secure the account until the user can safely reset their password.
I apologize again for the incorrect information in my previous response. Thank you for bringing this to my attention, as it helps improve the accuracy of the information provided.
h
@chilly-king-10285 just for completeness, how do I contact support? I’m on the “Production” plan currently.
b
A message from kapa.ai
Based on the information provided in the knowledge sources, I can guide you on how to contact Ory support as a Production plan user. For Production plan users, Ory offers standard support. Here are the ways you can reach out to Ory support:

1. Slack Community: You can join the Ory Slack community for support. This is available for all users, including those on the Production plan. You can join the Slack community by visiting [Ory's chat page](https://www.ory.sh/chat).
2. Email Support: You can reach out to Ory support via email at [email protected].
3. GitHub Discussions: You can also use GitHub Discussions for Ory Network, Ory Kratos, Ory Hydra, Ory Keto, and Ory Oathkeeper. These platforms are great for in-depth discussions and sharing code examples or logs. You can find these discussions on the respective GitHub project pages.
4. Contact Form: If you have specific questions or need more personalized assistance, you can use the [contact form on Ory's website](https://www.ory.sh/contact/).

It's worth noting that while the Production plan includes standard support, it does not include the higher-tier support options like Enterprise Support or Enterprise Premium Support, which are available on the Enterprise plan [Ory Pricing](https://www.ory.sh/pricing/).

For any critical issues or if you need more immediate assistance, I recommend using the Slack community or email support for the quickest response.