Change and Forgot Password

Change a user's password or send them a forgot password link with the Next Identity API

📘

API reference for /forgot-password and /change-password endpoints

In addition to the integration documentation in this section, refer to the API Reference for the /forgot-password endpoint and /change-password for more details.

Introduction

The change password use case is used when you need to change an existing password while the user is signed in to their profile.

The forgot password use case is designed to initiate an email or SMS message to the user. Once the user is redirected back to your own application, your application needs to present them with a screen to set a new password.

Assumptions

Your application is hosting the change and/or forgot password screen (and are not using the Next Identity Journeys hosted screens).

The following /change-password and /forgot-password use cases are supported:

  • Send user forgot password link by email address
  • Send user forgot password link by mobile phone number
  • Send user change password link by email address
  • Change existing password

These use cases are discussed in the following sections.

Send user forgot password link by email address

📘

API reference for /forgot-password endpoint

In addition to the integration documentation in this section, refer to the API Reference for the /forgot-password endpoint for more details.

Introduction

This is the API call initiating a forgot password email to a user who has forgotten their password.

Sample API Call

This is the API call for initiating a forgot password email to the end user.

curl --request POST \
     --url 'https://id.eu.nextreason.com/idp/v1/account/forgot-password' \
     --header 'Content-Type: application/json' \
     --data '
{
     "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
     "auth_type": "email",
     "user_id": "[email protected]",
     "locale": "en-US",
     "redirect_uri": "https://localhost.com"
}
'

Send user forgot password link by mobile phone number

Introduction

This endpoint will initiate the password reset workflow by sending an SMS message to the user with a single-use PIN for the reset password.

Sample API Call

This is the API call for initiating a forgot password SMS message, with a single-use code included, to the end user.

curl --location --request POST 'https://id.eu.nextreason.com/idp/v1/account/forgot-password' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{
             "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
             "auth_type": "sms",
             "redirect_uri": "http://localhost.com",
             "user_id":"+15417543010",
             "locale": "en-US"
            }'

Send user change password link by email address

📘

API reference for /change-password endpoint

In addition to the integration documentation in this section, refer to the API Reference for the /change-password endpoint for more details.

Introduction

This is the API call for changing a user's password.

🚧

Note about /change-password endpoint

For these calls, you do need to pass in the bearer token via the header. In this use case, since the user has not logged in, you will get the token by initiating a forgot password email or SMS message to the end user.

curl --request POST \
     --url https://id.eu.nextreason.com/idp/v1/account/change-password \
     --header 'Content-Type: application/json' \
     --header 'Authorization: Bearer qtvzrytnhndfuf9j' \
     --data '{
               "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
               "locale": "en-US",
               "password": "[email protected]%s^GB",
               "password_confirm": "[email protected]%s^GB"
             }'

Change existing password

Introduction

This is the API call for updating a signed-in user's existing password to a new one.

Sample API Call

This is the API call for initiating a change password email to the end user.
This sample only includes the required parameters necessary to make a successful call. Please refer to the API Reference for change-password endpoint for optional parameters and the various values available for each parameter.

curl --request POST \
     --url https://id.eu.nextreason.com/idp/v1/account/change-password \
     --header 'Content-Type: application/json' \
     --header 'Authorization: Bearer qtvzrytnhndfuf9j' \
     --data '{
         "auth_type": "email",
         "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
         "user_id": "[email protected]",
         "password": "[email protected]%s^GB",
         "password_confirm": "[email protected]%s^GB"
      }'

What’s Next