Member password reset

The member password reset flow is a multi-step process that includes sending an email to the registered email address to reset a forgotten password and enable member authentication.

IMPORTANT

The member must have access to the registered email address to perform a password reset. To update a known password, use the member password update flow instead.

Member password reset flow

Create a password reset code
Validate the password reset code
Reset member password

Create a password reset code

The password reset flow is initiated by calling the CreatePasswordResetCode endpoint. This endpoint creates a single-use password reset code and sends it to the member's registered email address.

The CreatePasswordResetCode endpoint can be called with the member's current email or username.

Copy
Copied
{
  "email": "string",
  "username": "string"
}
NOTE

The CreatePasswordResetCode endpoint will always return a successful response, regardless of the existence of a member with the provided email/username.

Validate the password reset code

As the created single-use password reset code may have expired, or may have already been used, use the ValidatePasswordResetCode to validate it.

Copy
Copied
{
  "resetCode": "string"
}

This endpoint returns an isValid response, indicating whether the password reset code can be used.

Copy
Copied
{
  "isValid": true
}

Reset member password

Finally, use the ResetPassword endpoint with the validated resetCode and updated password to set the member's new password.

Copy
Copied
{
  "resetCode": "string",
  "password": "string"
}
IMPORTANT

When choosing a new password, the configured member password rules must be followed.