The change password workflow is used when you need to enable a user to change their existing password while the user is signed in to your application.
With the possession of a valid access token it is possible to call the change password endpoint to update a user's existing password. The change password endpoint supports the Password Guard feature of Next Identity Secure that prohibits and end user from reusing their current and some number of previous passwords.
/change-password endpoint applications can choose to either validate against the user's current password or not.
You'll need to pass in the bearer token in the header. In this use case, since the user has not logged in, you will get the token by initiating a forgot password email or SMS message to the end user.