Customer passwords can be reset in three steps:
Create a new customer password reset with the email of the customer.
Get the reset password token from the response.
Update the customer password reset resource passing the token and the new password.
It's your responsibility to verify the customer's identity before the third step. A typical flow is to send an email to the customer with a verification link that includes the reset password token.
A customer password reset object is returned as part of the response body of each successful create, list, retrieve, or update API call.
The customer password reset unique identifier
The customer password reset endpoint URL
The email of the customer that requires a password reset
Automatically generated on create. Send its value as the '_reset_password_token' argument when updating the customer password.
The customer new password. This will be accepted only if a valid '_reset_password_token' is sent with the request.
Send the 'reset_password_token' that you got on create when updating the customer password.
Time at which the password was reset.
Time at which the resource was created.
Time at which the resource was last updated.
A string that you can use to add any external identifier to the resource. This can be useful for integrating the resource to an external system, like an ERP, a marketing tool, a CRM, or whatever.
Any identifier of the third party system that defines the reference code
Set of key-value pairs that you can attach to the resource. This can be useful for storing additional information about the resource in a structured format.
The customer that requires a password reset.
The resource environment (can be one of