Forgot Password & Reset

Request a password reset email, then set a new password with the token.

Request reset email

POST /api/Authentication/forgot-password
Content-Type: application/json

{
  "email": "[email protected]"
}

The server sends a reset link to the user's email (if the account exists). Response is typically a generic success to avoid email enumeration.

Reset password

POST /api/Authentication/reset-password
Content-Type: application/json

{
  "token": "reset-token-from-email",
  "email": "[email protected]",
  "newPassword": "NewSecurePassword123!"
}

After success, the user can log in with the new password.

Related

• Login
• Register