Password Reset

• Using a client_access_token on the request header, a call to the endpoint

POST api/1/user/reset-password/request?locale=locale 

The endpoint would return a HTTP 200 response.

{
    "username": "<USERNAME>"
}

a. This call would send an email notification to the user that contains a link for continuing the password reset.

b. The email notification would contain a forgot_password nonce

• The forgot_password nonce from the previous call would be needed in order to complete the password reset request.

A call to the endpoint

POST {{base_url}}/api/1/user/reset-password/finish?locale={{locale}}  

using a client_access_token , and the forgot_password nonce in the payload.

Payload

{
    "nonce": "<FORGOT_PASSWORD>",
    "password": "<NEW_PASSWORD>",
    "confirm_password": "<NEW_PASSWORD>"
}