Change Password

Phase 1: Initiate Password Change

Endpoint

POST /v1/password/change

Description

This endpoint verifies current password, checks if the new password meets the requirements below and then sends an OTP code on email specified on Sign up Step.

❗️

Password Requirements:

• Length: 10 to 32 characters
• Must contain both lowercase and uppercase Latin letters
• Must include at least 1 number
• Must contain at least 1 symbol (e.g., !, @, #, $)
• A weak password (e.g., including qwerty or 12345 combinations) will not be accepted
• The last 5 user's passwords cannot be specified as a new one

Request Body

Response

• 200 OK – OTP has been sent for confirmation.

Example Response

{
  "result": "string"
}

Phase 2: Confirm Password Change

Endpoint

POST /v1/password/change/confirm

Description

This endpoint verifies the OTP code and changes the password.

🛡️ Email Verification Code – API Rules

📌 Code Format

✅ 6-digit numeric code
✅ Only numbers allowed

⏳ Code Expiry

✅ Valid for 5 minutes
❌ Expired codes cannot be used for verification

🔄 Resend Policy

✅ A new code can be requested once every 60 seconds
❌ Frequent requests are restricted

⚠ Verification Attempts & Account Lock

✅ Users have 5 attempts to enter the correct code
❌ After 5 failed attempts, the account is temporarily locked and user's forcibly logged out
✅ To unlock the account user should contact the support team.

Response

Request Body

• 200 OK – Password successfully changed.

Example Response

{
  "result": "string"
}

Once the password's been changed Retrieve User Information endpoint retrieves new value for passwordLastChangeDate parameter.