
Endpoint

POST /api/users/reset-password

Request Body

  • email (string, required): The email address associated with the account.
  • resetCode (string, required): The 6-digit reset code received from the forgot-password endpoint.
  • newPassword (string, required): The new password for the account. Must be at least 6 characters long.

Response

Success response (200 OK)
  • message (string): Confirmation message: “Contraseña actualizada exitosamente”
  • userId (integer): The unique ID of the user whose password was reset
  • username (string): The username of the user whose password was reset

Example Request

curl -X POST https://api.mediguide.com/api/users/reset-password \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "resetCode": "123456",
    "newPassword": "newSecurePassword456"
  }'

Example Response

{
  "message": "Contraseña actualizada exitosamente",
  "userId": 42,
  "username": "john_doe"
}

Error Responses

400 Bad Request - Password Too Short

{
  "error": "La contraseña debe tener al menos 6 caracteres"
}

401 Unauthorized - Invalid Reset Code

{
  "error": "Código de recuperación inválido"
}
This error is returned when:
  • The email and reset code combination does not exist
  • The reset code does not match the one stored for the email

401 Unauthorized - Expired Reset Code

{
  "error": "El código de recuperación ha expirado"
}
This error is returned when the reset code has expired (more than 30 minutes old).

500 Internal Server Error

{
  "error": "Error message details"
}

Notes

  • After successful password reset, the reset code and expiry are cleared from the database
  • The reset code can only be used once
  • Password must be at least 6 characters long
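
A minimal sketch of the server-side checks documented on this page (length check, code match, 30-minute expiry, single use), added here as an illustration and not the API's own implementation. The in-memory `USERS` store, the `issue_code` helper, the constant-time comparison and the PBKDF2 password storage are assumptions; the page does not describe how the service does these.

```python
import hashlib, hmac, os
from datetime import datetime, timedelta, timezone

RESET_TTL = timedelta(minutes=30)  # expiry window stated on this page
MIN_PASSWORD_LEN = 6               # minimum length stated on this page

# Constructed in-memory stand-in for the user table (assumption, not the real schema).
USERS = {"user@example.com": {"id": 42, "username": "john_doe",
                              "password_hash": None,
                              "reset_code": None, "reset_expiry": None}}

def issue_code(email, code, now):
    """Hypothetical stand-in for the forgot-password step: store code and expiry."""
    USERS[email].update(reset_code=code, reset_expiry=now + RESET_TTL)

def reset_password(email, reset_code, new_password, now=None):
    """Return (status, body) following the responses documented above."""
    now = now or datetime.now(timezone.utc)
    if len(new_password) < MIN_PASSWORD_LEN:
        return 400, {"error": "La contraseña debe tener al menos 6 caracteres"}
    user = USERS.get(email)
    stored = user["reset_code"] if user else None
    # Unknown email, no pending code and wrong code all map to the same 401,
    # so the response does not reveal which condition failed.
    # compare_digest keeps the comparison constant-time (assumed hardening).
    if not stored or not hmac.compare_digest(stored.encode(), str(reset_code).encode()):
        return 401, {"error": "Código de recuperación inválido"}
    if now > user["reset_expiry"]:
        return 401, {"error": "El código de recuperación ha expirado"}
    # Store a salted hash, never the password itself (storage scheme is assumed).
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", new_password.encode(), salt, 600_000)
    user["password_hash"] = (salt, digest)
    # Single use: clear the code and its expiry once the reset succeeds.
    user["reset_code"] = None
    user["reset_expiry"] = None
    return 200, {"message": "Contraseña actualizada exitosamente",
                 "userId": user["id"], "username": user["username"]}
```
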
