Reset Password

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…

Updates the user's password to the new password provided in the request. Calling this API will revoke the user's active auth sessions and refresh tokens.

Note, this API can be called in three distinct ways.

  1. The first way is from a password reset email containing a verification link. With this approach, the emailAuthCode field must be provided in the request body.
  2. The second way is from a password reset email containing an OTP. With this approach, the requestCode and verificationCode fields must be provided in the request body.
  3. The third way is from a password reset link. With this approach, the passwordResetCode field must be provided in the request body.

Several responses can be returned from this API. Please refer to the result response field description to see the different types of responses that can be returned.

Required Permissions

Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.

PermissionBoundaryDescription
password-reset-workflow:executeApplicationThe subject can perform this operation for requests associated with the application to which the subject belongs.

Body Params

Reset Password Request JSON object

Object representing a request to reset a user's password.

string
length ≥ 1

The email auth code that will be used to authorize the request. This value should be provided if a password reset email was sent containing a verification link. If provided then the passwordResetCode, requestCode and verificationCode fields must be null.

string
length ≥ 1

The password reset code that will be used to authorize the request. This value should be provided if a password reset link was used. If provided then the emailAuthCode, requestCode and verificationCode fields must be null.

string
length ≥ 1

A code that is used to identify the current password reset request. This value should be provided if a password reset email was sent containing an OTP. If provided then the emailAuthCode and passwordResetCode fields must be null.

string
length ≥ 1

The verification code that was sent to the user's email. This value should be provided if a password reset email was sent containing an OTP. If provided then the emailAuthCode and passwordResetCode fields must be null.

password
required
length ≥ 1

The user's new password.

boolean
Defaults to false

If set to true, then the Password Updated email will not be sent after the user's password is updated.

Responses

Language
Credentials
Bearer
JWT
URL
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json