POST /auth/reset-password
Set a new password using the token from the password reset email. The token is typically passed in the request body or as a query parameter (see your project’s reset link format).
Endpoint
POST /api/v1/public/projects/:projectSlug/auth/reset-passwordRequest Parameters
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
projectSlug | string | ✅ | Your project’s unique slug |
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
token | string | ✅ | Reset token from the email link |
password | string | ✅ | New password (must meet project’s password policy) |
Example Request Body
{
"token": "reset-token-from-email",
"password": "NewSecurePassword123!"
}Response
Success (200 OK)
{
"status": "ok"
}After success, the user can log in with the new password via POST /auth/login. The reset token is invalidated.
Error Responses
| Status Code | Error Code | Description |
|---|---|---|
| 400 | INVALID_REQUEST | Invalid token or password (e.g. too weak) |
| 401 | INVALID_TOKEN | Token expired or already used |
| 429 | RATE_LIMIT_EXCEEDED | Too many attempts |
| 500 | INTERNAL_SERVER_ERROR | Server error |
Available Hooks
- Event:
auth.password.reset.completed- When: After password is successfully reset
- Can do: Security logging, notify user, revoke other sessions
Configure in Project → Hooks. Learn more about hooks →
Try It Now
POST
https://api.aerocall.app/api/v1/public/projects/your-project/auth/reset-passwordRelated Endpoints
- POST /auth/reset-password-request - Request the reset email
- POST /auth/login - Login with new password