Change user password

POST

/user/password

• Nhost Authentication API Server

Change the user’s password. The user must be authenticated with elevated permissions or provide a valid password reset ticket.

Authorizations

• BearerAuthElevated
• None

Request Body ^required

New password and optional password reset ticket for authentication

object

newPassword

required

A password of minimum 3 characters

string

>= 3 characters <= 50 characters

Example

Str0ngPassw#ord-94|%

ticket

Ticket to reset the password, required if the user is not authenticated

string

/^passwordReset\:.*$/

Responses

200

Password changed successfully

string

Allowed values: OK

default

An error occurred while processing the request

Standardized error response

object

status

required

HTTP status error code

integer

Example

400

message

required

Human-friendly error message

string

Example

Invalid email format

error

required

Error code identifying the specific application error

string

Allowed values: default-role-must-be-in-allowed-roles disabled-endpoint disabled-user email-already-in-use email-already-verified forbidden-anonymous internal-server-error invalid-email-password invalid-request locale-not-allowed password-too-short password-in-hibp-database redirectTo-not-allowed role-not-allowed signup-disabled unverified-user user-not-anonymous invalid-pat invalid-refresh-token invalid-ticket disabled-mfa-totp no-totp-secret invalid-totp mfa-type-not-found totp-already-active invalid-state oauth-token-echange-failed oauth-profile-fetch-failed oauth-provider-error invalid-otp cannot-send-sms provider-account-already-linked