Initialize Password
POST
/web/v1/users/self/auth/password/init NoneInitializes a password for a newly registered user who completed registration without setting a password. Returns a 201 Created response on success.
Required Headers
| Header | Example Value | Description |
|---|---|---|
| Content-Type | application/json | Request content type |
| Accept | application/json | Expected response type |
| X-Client-Hash | Client device fingerprint | |
| Accept-Language | en, zh, zh-Hant, ja, vi | Response language (default: en) |
| Authorization | Bearer | JWT access token |
Request Parameters
| Name | Type | Required | In | Description |
|---|---|---|---|---|
request | Object | Required | body | PasswordInitRequest object (see request body schema) |
Success Response
Success 201
{
"version": "1.3.0",
"timestamp": 1709337600000,
"success": true,
"code": "2000",
"message": "SUCCESS",
"data": {
"email": "user@example.com",
"passwordSet": true
}
}Error Responses
Unauthorized 401
{
"success": false,
"code": "4010",
"message": "Invalid or expired token"
}Notes
- Returns HTTP 201 Created on success.
- Rate limited to 5 requests per 300-second window.
- The
sessionIdmust come from a prior registration or login flow. - Request body is strictly validated — unknown or unexpected fields will be rejected with HTTP 400.