Change and Forgot Password
Change a user's password or send them a forgot password link with the Next Identity API
API reference for
/forgot-password
and/change-password
endpointsIn addition to the integration documentation in this section, refer to the API Reference for the
/forgot-password
endpoint and/change-password
for more details.
Introduction
The change password use case is used when you need to change an existing password while the user is signed in to their profile.
The forgot password use case is designed to initiate an email or SMS message to the user. Once the user is redirected back to your own application, your application needs to present them with a screen to set a new password.
Assumptions
Your application is hosting the change and/or forgot password screen (and are not using the Next Identity Journeys hosted screens).
The following /change-password
and /forgot-password
use cases are supported:
- Send user forgot password link by email address
- Send user forgot password link by mobile phone number
- Send user change password link by email address
- Change existing password
These use cases are discussed in the following sections.
Send user forgot password link by email address
API reference for
/forgot-password
endpointIn addition to the integration documentation in this section, refer to the API Reference for the
/forgot-password
endpoint for more details.
Introduction
This is the API call initiating a forgot password email to a user who has forgotten their password.
Sample API Call
This is the API call for initiating a forgot password email to the end user.
curl --request POST \
--url 'https://id.eu.nextreason.com/idp/v1/account/forgot-password' \
--header 'Content-Type: application/json' \
--data '
{
"client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
"auth_type": "email",
"user_id": "[email protected]",
"locale": "en-US",
"redirect_uri": "https://localhost.com"
}
'
Send user forgot password link by mobile phone number
Introduction
This endpoint will initiate the password reset workflow by sending an SMS message to the user with a single-use PIN for the reset password.
Sample API Call
This is the API call for initiating a forgot password SMS message, with a single-use code included, to the end user.
curl --location --request POST 'https://id.eu.nextreason.com/idp/v1/account/forgot-password' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{
"client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
"auth_type": "sms",
"redirect_uri": "http://localhost.com",
"user_id":"+15417543010",
"locale": "en-US"
}'
Send user change password link by email address
API reference for
/change-password
endpointIn addition to the integration documentation in this section, refer to the API Reference for the
/change-password
endpoint for more details.
Introduction
This is the API call for changing a user's password.
Note about
/change-password
endpointFor these calls, you do need to pass in the bearer token via the header. In this use case, since the user has not logged in, you will get the token by initiating a forgot password email or SMS message to the end user.
curl --request POST \
--url https://id.eu.nextreason.com/idp/v1/account/change-password \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer qtvzrytnhndfuf9j' \
--data '{
"client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
"locale": "en-US",
"password": "[email protected]%s^GB",
"password_confirm": "[email protected]%s^GB"
}'
Change existing password
Introduction
This is the API call for updating a signed-in user's existing password to a new one.
Sample API Call
This is the API call for initiating a change password email to the end user.
This sample only includes the required parameters necessary to make a successful call. Please refer to the API Reference for change-password
endpoint for optional parameters and the various values available for each parameter.
curl --request POST \
--url https://id.eu.nextreason.com/idp/v1/account/change-password \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer qtvzrytnhndfuf9j' \
--data '{
"auth_type": "email",
"client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
"user_id": "[email protected]",
"password": "[email protected]%s^GB",
"password_confirm": "[email protected]%s^GB"
}'
Updated 8 months ago