Weavr
Powered by Redocly

Passwords

Create a password

Create a new password for the user identified by the user_id path parameter.

SecurityapiKey
Request
path Parameters
user_id
required
string^[0-9]+$

The unique identifier for the user.

Example: 110747174434373672
Request Body schema: application/json
required
required
object

The user's password or passcode used to log in a user. Passwords must be:

  • between 8 and 30 characters
  • include a lowercase character
  • include an uppercase character
  • include a digit and a special character
  • different from any of the 5 last such passwords used.

For non-PCI compliant integrations, the password submitted must be tokenised.

Responses
200

OK

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

404

Not found - The requested resource couldn't be found.

409

Conflict

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

post/v1/password/{user_id}
Request samples
application/json
{
  • "password": {
    }
}
Response samples
application/json
{
  • "passwordInfo": {
    },
  • "token": "string"
}

Update a password

Update the password for the logged-in user.

SecurityapiKey and authToken
Request
Request Body schema: application/json
required
required
object

The user's password or passcode used to log in a user. Passwords must be:

  • between 8 and 30 characters
  • include a lowercase character
  • include an uppercase character
  • include a digit and a special character
  • different from any of the 5 last such passwords used.

For non-PCI compliant integrations, the password submitted must be tokenised.

required
object

The user's password or passcode used to log in a user. Passwords must be:

  • between 8 and 30 characters
  • include a lowercase character
  • include an uppercase character
  • include a digit and a special character
  • different from any of the 5 last such passwords used.

For non-PCI compliant integrations, the password submitted must be tokenised.

Responses
200

OK

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

409

Conflict

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

post/v1/passwords/update
Request samples
application/json
{
  • "oldPassword": {
    },
  • "newPassword": {
    }
}
Response samples
application/json
{
  • "passwordInfo": {
    },
  • "token": "string"
}

Validate a password

Check that a password adheres to all complexity checks.

SecurityapiKey
Request
Request Body schema: application/json
required
required
object

The user's password or passcode used to log in a user. Passwords must be:

  • between 8 and 30 characters
  • include a lowercase character
  • include an uppercase character
  • include a digit and a special character
  • different from any of the 5 last such passwords used.

For non-PCI compliant integrations, the password submitted must be tokenised.

Responses
204

Success - No Content.

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

409

Conflict

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

post/v1/passwords/validate
Request samples
application/json
{
  • "password": {
    }
}
Response samples
application/json
{
  • "message": "string",
  • "syntaxErrors": {
    }
}

Initiate lost password process

Initiate the lost password process.

If the email address provided is associated with an active user, an email will be sent, containing a URL that redirects the user to change their password. The URL contains request parameters for all of the parameters required to change the password for the user via the /passwords/lost_password/resume POST endpoint.

SecurityapiKey
Request
Request Body schema: application/json
required
email
required
string <email>

E-mail Address of the user

Responses
204

Success - No Content.

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

409

Conflict

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

post/v1/passwords/lost_password/start
Request samples
application/json
{
  • "email": "user@example.com"
}
Response samples
application/json
{
  • "message": "string",
  • "syntaxErrors": {
    }
}

Resume lost password process

This is the second and final step in updating the password of a user who forgot their password.

SecurityapiKey
Request
Request Body schema: application/json
required
nonce
required
string = 6 characters ^[0-9]*$

A randomly generated one-time use code.

email
required
string <email>

E-mail Address of the user

required
object

The user's password or passcode used to log in a user. Passwords must be:

  • between 8 and 30 characters
  • include a lowercase character
  • include an uppercase character
  • include a digit and a special character
  • different from any of the 5 last such passwords used.

For non-PCI compliant integrations, the password submitted must be tokenised.

Responses
200

OK

400

Bad Request Error - Your request is invalid.

401

Unauthorized - Your credentials or access token are invalid.

403

Forbidden - Access to the requested resource or action is forbidden.

409

Conflict

429

Too many requests.

500

Internal Server Error - There is a problem with the server. Please try again later.

503

Service Unavailable - We're temporarily offline for maintenance. Please try again later.

default

Error

post/v1/passwords/lost_password/resume
Request samples
application/json
{
  • "nonce": "string",
  • "email": "user@example.com",
  • "newPassword": {
    }
}
Response samples
application/json
{
  • "token": "string"
}
➔ Next to Additional Factors