Skip to main content

Update Password

Change the password for the currently authenticated user.

Endpoint

POST /api/me/password

Headers

Authorization
string
required
Bearer token for authentication

Request Body

currentPassword
string
required
Current password for verification
newPassword
string
required
New password (minimum 8 characters)

Response

id
string
User UUID
username
string
Username
role
string
User role
updatedAt
string
ISO 8601 timestamp of update

Example Request

curl -X POST https://your-umami-instance.com/api/me/password \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "currentPassword": "old-password-123",
    "newPassword": "new-secure-password-456"
  }'

Example Response

{
  "id": "660e8400-e29b-41d4-a716-446655440001",
  "username": "john.doe",
  "role": "admin",
  "updatedAt": "2024-03-15T16:45:00.000Z"
}

Password Requirements

  • Minimum length: 8 characters
  • No maximum length restriction
  • Current password must be correct
After changing your password, your current authentication token remains valid. Consider logging out and logging back in with the new password.

Error Responses

400
error
Bad Request - Current password is incorrect
401
error
Unauthorized - Invalid or expired token

Security Best Practices

  • Use strong, unique passwords
  • Change passwords regularly
  • Never share passwords
  • Use a password manager
  • Enable two-factor authentication if available
The password is securely hashed using industry-standard algorithms before storage. Your current password is required for verification to prevent unauthorized password changes.

Build docs developers (and LLMs) love

Get started for freeTalk to us