Skip to main content
POST
Change my password

Authorizations

Authorization
string
header
required

Session JWT (from register/login) or API key (pk_...). X-API-Key: <token> is accepted as an alternative header.

Headers

X-OTP-Token
string

Single-use OTP token when the password_change action requires it.

Body

application/json
new_password
string
required
Minimum string length: 8
current_password
string

Response

Password changed; previous sessions revoked; new session returned.

Last modified on July 19, 2026