Skip to main content
PATCH
/
api
/
user
/
password
Update User Password
curl --request PATCH \
  --url https://api.example.com/api/user/password \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: <content-type>' \
  --header 'x-api-key: <x-api-key>' \
  --data '
{
  "oldPassword": "<string>",
  "newPassword": "<string>"
}
'
{
  "success": true,
  "message": "Password updated successfully"
}
Updates the authenticated user’s password. Requires the current password for verification.

Authentication

This endpoint requires both API key and JWT authentication.

Required Headers

x-api-key
string
required
Your API key for accessing the API
Authorization
string
required
Bearer token in the format: Bearer <token>
Content-Type
string
required
Must be application/json

Request Body

oldPassword
string
required
User’s current password for verification
newPassword
string
required
New password to set. Must be different from the old password.

Response

success
boolean
Indicates if the request was successful
message
string
Response message indicating the result of the password update

Example Request

cURL
curl --request PATCH \
  --url https://api.example.com/api/user/password \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: your_api_key_here' \
  --data '{
    "oldPassword": "currentPassword123",
    "newPassword": "newSecurePassword456"
  }'

Example Response

{
  "success": true,
  "message": "Password updated successfully"
}

Error Responses

{
  "success": false,
  "message": "New password cannot be the same as the old password"
}

Security Notes

  • The old password is verified using bcrypt comparison before allowing the update
  • The new password must be different from the old password
  • The new password is hashed using bcrypt with a salt factor of 10 before storage
  • Both oldPassword and newPassword fields are required

Build docs developers (and LLMs) love

Get started for freeTalk to us