Password Reset Process

This article outlines the steps and API endpoints required to reset a user's password before authorization.

The process consists of three main steps:

  1. Request a Password Reset Code: Obtain a reset code via email.
  2. Validate the Reset Code: Submit the reset code to receive a signed payload for validation.
  3. Change the Password: Use the signed payload to update the password.

Step 1: Request a Password Reset Code

Endpoint: Reset Password, Phase 1

The user requests a reset code, which is sent to their registered email.

Request Example:

{
  "username": "[email protected]" // The email address of the user requesting the password reset.
}

Step 2: Validate the Reset Code

Endpoint: Reset Password, Phase 1

The user submits the reset code to validate their identity and receive a signed payload for further validation.

Request Example:

{
  "username": "[email protected]", // The email address of the user.
  "code": "12345" // The code received via email.
}

Step 3: Change the Password

Endpoint: Reset Password, Phase 2

Use the signed payload to update the password.

Password Requirements:

  • Length: 8 to 32 characters
  • Must contain both lowercase and uppercase Latin letters
  • Must include at least 1 number
  • Must contain at least 1 symbol (e.g., !, @, #, $)

Request Payload:

{
  "newPassword": "A9#bL8@z", // The new password chosen by the user.
  "signedPayload": "cmVzZXRQYXNzd26RkVnNFpOeWdXckc3VXZoOHozYjlPTUZIajJ2SVR6UT0=", // The signed payload for validation.
  "username": "[email protected]" // The email address of the user.
}
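
A client-side pre-check for the password requirements listed in Step 3, run before the Phase 2 request is built. This is an added example, not code from the API or its documentation. The function names and the decision to accept any ASCII punctuation character as a "symbol" are assumptions, since the page names only !, @, #, $ as examples.

```python
import string

# Assumption: the page gives "!, @, #, $" only as examples of symbols,
# so this sketch accepts any ASCII punctuation character.
SYMBOLS = set(string.punctuation)


def check_password(password):
    """Return the list of violated rules; an empty list means the password passes."""
    problems = []
    if not 8 <= len(password) <= 32:
        problems.append("length must be 8 to 32 characters")
    # Compare against explicit ASCII sets: str.islower(), str.isupper() and
    # str.isdigit() also accept non-Latin letters and non-ASCII digits,
    # which the stated rules ("Latin letters") do not count.
    if not any(c in string.ascii_lowercase for c in password):
        problems.append("needs a lowercase Latin letter")
    if not any(c in string.ascii_uppercase for c in password):
        problems.append("needs an uppercase Latin letter")
    if not any(c in string.digits for c in password):
        problems.append("needs a number")
    if not any(c in SYMBOLS for c in password):
        problems.append("needs a symbol")
    return problems


def build_phase2_body(username, new_password, signed_payload):
    """Build the Phase 2 request body, refusing a password that breaks the rules."""
    problems = check_password(new_password)
    if problems:
        raise ValueError("; ".join(problems))
    return {
        "newPassword": new_password,
        "signedPayload": signed_payload,
        "username": username,
    }


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for candidate in ["A9#bL8@z", "a9#bl8@z", "Пароль9#xyz", "A9#b"]:
        print(repr(candidate), check_password(candidate) or "ok")
```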