Reset Password

POST/web/v1/users/self/auth/password/reset None

Resets the user's password using a token received via the forgot-password email. The token is single-use and time-limited.

Required Headers

Header	Example Value	Description
Content-Type	application/json	Request content type
Accept	application/json	Expected response type
X-Client-Hash		Client device fingerprint
Accept-Language	`en`, `zh`, `zh-Hant`, `ja`, `vi`	Response language (default: `en`)

Request Parameters

Name	Type	Required	In	Description
`rawRequestBody`	`String`	Required	body	Encrypted request payload (parsed server-side)

Success Response

Success 200

{
  "version": "1.3.0",
  "timestamp": 1709337600000,
  "success": true,
  "code": "2000",
  "message": "SUCCESS",
  "data": {
    "success": true,
    "email": "user@example.com"
  }
}

Error Responses

Unauthorized 401

{
  "success": false,
  "code": "4010",
  "message": "Invalid or expired token"
}

Notes

The reset token is single-use and time-limited.
Rate limited to 5 requests per 300-second window.
The request body is strictly validated; unknown properties will cause a rejection.

Reset Password ​

Required Headers ​

Request Parameters ​

Success Response ​

Error Responses ​

Notes ​

Reset Password

Required Headers

Request Parameters

Success Response

Error Responses

Notes